It happens again, NZX being bullied by Cyber-attackers- Down for the fourth day - Kalkine Media

August 28, 2020 09:04 PM AEST | By Team Kalkine Media
Follow us on Google News:


  • New Zealand’s national stock exchange faces cyber-attack four days in a row.
  • The NZ government have asked the Government Communications Security Bureau along with the national agency to step in.
  • The failure to stop these continues four days attacks have now raised questions on New Zealand’s security systems.

On Friday, August 28, the New Zealand’s Exchange (NZX) again became a target of a sophisticated cyber-attack. The exchange was knocked offline by an offshore DDoS attack. Initially, the session resumed but later halted because of the attacks. NZX suffered a series of cyberattacks in four consecutive days, as the share market website went down in a very common type of cyber-crime Distributed Denial of Service (DDoS) attack. The New Zealand government said national security system is activated to support the bourse.

As of now, there is no clear idea on who is behind these offshore attacks. NZX Ltd trading session came to a halt in the afternoon on Friday, making it a four day in a row.

Identifying the serious problems NZX facing, the NZ government stepped in. The Finance Minister Grant Robertson said that the Government Communications Security Bureau along with the national agency is helping the exchange operator to fight the cybercrime. Robertson, during the media briefing in Wellington, said that he could not share all the specific details, but the government is treating this very seriously.

The Government Communications Security Bureau (GCSB) is a security and intelligence bureau. The National Cyber Security Centre a part of it. The bureau provides help and advice in cybersecurity matters.

NZX website is down

On 25 August, Tuesday, the exchange halted stock trading at about 4 pm. Wednesday, the trading session on S&P/NZX was cut short by an hour. It opened in the morning as usual and traded about an hour before NZX halted the session in its cash markets at approximately 11.24 am. The NZX Main Board, NZX Debt Market and Fonterra Shareholders resumed trading at 3 pm. The exchanged stopped trading in debt and equity markets for the most of the day on Thursday and derivatives market was also closed by 4 pm.

What initially was being considered as a network connectivity issue is now being considered as a cyber-attack. On Wednesday, NZX and the network service provider Spark released a joint statement in which NZX confirmed reports of a second DDoS attack similar to the Tuesday’s. The company said that the attack was generated from offshore and NZX is working with its network provider to address the issue which impacted the NZX system connectivity.

The failure to stop these continues four days attacks have now raised questions on New Zealand’s security systems.

Also read: How S&P/NZX50 Performed on August 26, 2020?

What happens during Distributed Denial of Service (DDoS) attack?

DDoS attacks are frequent cyberattacks which are to disturb the regular traffic of the server with malicious intent. During such attacks along with the targeted server, the services are also targeted, creating an overwhelming flood of internet traffic. The website and the servers crash as they cannot cope up with the scale of data flow, disturbing the usual business.

Also read: Cybersecurity and the Requirement of a Resilient Environment in Australia

NZX victim of prevalent cybercrime:

Recently NZX reported a lift in its earnings, reflecting strong foundations and steady support for Kiwi companies. With this cheerful announcement for the market, the series of cyberattacks are seen as a lack of cybersecurity measures for NZX.

Many media outlets have reported that the NZX is continuing to investigate the origin of the attack, but it was released from offshore through its network service provider. Spark confirmed to Reuters that they know the attacks are coming from global gateway, but it is near impossible to track down such attacks to know for sure where it's coming from.

Cybercrime scenario has changed worldwide, and the attacks are getting more organised. The DDoS attack is one of the common cyber crimes which can result in online ransoms. Clearly, the NZX has not been hacked, but instead, the attackers showed their sophistication and determination towards the act.

On Wednesday, the systems were down including NZX website and its Market Announcement Platforms such as its ticker board rapidly and brightly blinking.

Cybersecurity need of an hour?

Back to back four days, the hackers attacked the NZX server and brought down the entire system. The hackers successfully used the DDoS attack, which is one of the most potent weapons on the internet. Generally seen in such attacks, the attacks bombard the servers with traffic which may consist of incoming messages, requests for connections. In NZX attack, the attackers flooded the NZX website with invitations to connect by harnessing a few computers. The computers used in this attack might as well be of some innocent malware attack victims. This overloaded the exchange operator’s servers and crashed the site.

The DDoS attacks can be purchased on black markets online and hack innocent computers to felicitate such attacks on more prominent victims. The computer users may not even know that their device is being used to demonstrate such level of crime.

This could also result in more aggressive and damaging attacks with an extortion threat unless the targeted company pays the attackers in cryptocurrency.

The self-proclaimed group of cybercriminal ‘Armada Collective’ has repeatedly attacked the financial industry demanding ransom in the form of bitcoin. They hosted a series of Nefarious attacks since 2015, such as DDoS attacks and ransomware campaigns. The purpose behind these attacks are not only financial but also political or ideological. Some hacks also attack for experiment or entertainment.

A few months back, Australia faced a series of sophisticated cyber attacks. After which the Australian government chalked down a plan to strengthen its cybersecurity strategy. The government will invest AU$1.66 billion overall cybersecurity, including in technology and workforce skills on priority. New Zealand is a small country with a population of just five million. The state does not see such type of attacks so often. Hence these attacks are being considered on top priority by the government and the industry.

Also read: Cyber Espionage Campaign: Strings that tie China, Australia and the US


The content, including but not limited to any articles, news, quotes, information, data, text, reports, ratings, opinions, images, photos, graphics, graphs, charts, animations and video (Content) is a service of Kalkine Media Pty Ltd (Kalkine Media, we or us), ACN 629 651 672 and is available for personal and non-commercial use only. The principal purpose of the Content is to educate and inform. The Content does not contain or imply any recommendation or opinion intended to influence your financial decisions and must not be relied upon by you as such. Some of the Content on this website may be sponsored/non-sponsored, as applicable, but is NOT a solicitation or recommendation to buy, sell or hold the stocks of the company(s) or engage in any investment activity under discussion. Kalkine Media is neither licensed nor qualified to provide investment advice through this platform. Users should make their own enquiries about any investments and Kalkine Media strongly suggests the users to seek advice from a financial adviser, stockbroker or other professional (including taxation and legal advice), as necessary. Kalkine Media hereby disclaims any and all the liabilities to any user for any direct, indirect, implied, punitive, special, incidental or other consequential damages arising from any use of the Content on this website, which is provided without warranties. The views expressed in the Content by the guests, if any, are their own and do not necessarily represent the views or opinions of Kalkine Media. Some of the images/music that may be used on this website are copyright to their respective owner(s). Kalkine Media does not claim ownership of any of the pictures displayed/music used on this website unless stated otherwise. The images/music that may be used on this website are taken from various sources on the internet, including paid subscriptions or are believed to be in public domain. We have used reasonable efforts to accredit the source wherever it was indicated as or found to be necessary.

Top ASX Listed Companies

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. OK