- NZX Ltd was hit repeatedly by distributed denial of service (DDoS) attacks in the last week of August. A DDoS attack is a common way to disrupt a server by overwhelming it with a flood of internet traffic.
- Attackers also targeted other organisations such as Westpac, TSB, and weather forecaster MetService.
- After being subjected to the DDoS attacks, NZX has launched an alternative site called announcements.nzx.com, which showcases the 200 most recent market announcements.
- NZ’s spy agency, the Government Communications Security Bureau, has been instructed to assist NZX with the cyber-attacks.
- The Chief Information Officer has resigned from NZX after a chain of attacks set off multiple crashes of the trading website.
Cyber-attacks are increasingly becoming the norm for the New Zealand stock exchange and have also extended to the websites of banks and media firms.
The New Zealand stock exchange fell victim to distributed denial of service (DDoS) cyber-attacks (which began in August) that resulted in the suspension of trading by NZX for 6 days. NZX had received an email that put it ‘on notice’ just before a DDoS attack targeted it.
Such cyber-attacks are a common way to disrupt a server: cybercriminals overpower and crash an organisation's online services with enormous amounts of spurious internet traffic until the services can no longer handle the scale of data requested.
The attacks are not designed to steal data or enable insider trading but rather to demand ransom from the victims. The ransom demand generally runs to thousands of dollars, to be paid in bitcoin or another cryptocurrency, which is practically unnoticeable. The DDoS software is available on the dark web and is not very difficult to write.
She also added that due to DDoS characteristics, the largest and most vulnerable sites are targets of these attacks. In contrast, the defence against such attacks is quite tricky. Hence, the only way out is to turn off the site.
An NZX spokesperson stated that the attacks impacted NZX's ability to circulate market announcements to the public, forcing it to halt trading to maintain market integrity. The attacks also disrupted operations in its Fonterra Shareholders Market, debt market, and derivatives market.
Lately, NZX has been working with Spark (the service provider for the NZX network), government cybersecurity agencies and the US-based cybersecurity firm Akamai Technologies to apply extra security measures.
Government steps to stop the attacks
NZ’s Justice Minister, Andrew Little, stated that there had been an unparalleled rise in cyber-attacks, which are targeting everything from the stock market to the weather service. He noted that the attackers found specific vulnerabilities in the stock market operations, which motivated them to persist with the attack.
Attackers also picked on other organisations like TSB, Westpac, certain news firms and weather organisation MetService.
According to CERT NZ, a total of 3,102 incident reports were received in Q1 and Q2 of 2020, a 73% rise in reports from Q1 to Q2.
Total financial losses stood at NZ$7.8 million for Q1 and Q2 2020 together. The specifics of the same are outlined in the table below:
Image Source: © Kalkine Group, Data Source: cert.nz.gov
Mark Peterson, Chief Executive of NZX, stated that independent cyber specialists had told NZX that the attacks had been the biggest, most well-resourced and most advanced they had ever experienced in NZ.
Mr Little has brought in NZ's top security system ODESC to shield against the ongoing cyber-attacks.
The ‘Officials' Committee for Domestic and External Security Coordination’ (ODESC), led by government chief executives, is the core committee of the National Security System and acts during crises that jeopardise NZ's security, sovereignty, or economy.
The committee was set up after the terror attack of 15 March 2019 and more recently stood up for the coronavirus pandemic.
The Government Communications Security Bureau, NZ's foreign spy agency, has been leading ODESC to assist with the investigation and is working to safeguard targeted companies.
NZX launches backup site
The NZ stock exchange has launched a backup site, announcements.nzx.com, after being a victim of cybercrime for over a month. The new site highlights the 200 most recent market announcements.
The idea was adopted from a model followed earlier by MetService, in which people are diverted to a no-frills site during a cyber-attack.
After the suspension of trading activity on NZX due to a DDoS attack that started on 26 August, the exchange began using a range of other methods from 31 August to keep market participants updated with the latest news.
Though NZX did not mention the mechanism, Sharesies is one such example, which used Google Drive to give market updates to its investors. Hence, NZX has been able to keep its platform running even after the subsequent attacks.
The backup site has now restructured the backup procedure, while NZX has further bolstered its systems.
NZX Chief Information Officer resigns
On 29 September, NZX also announced the resignation of its Chief Information Officer, David Godfrey. He will be exiting NZX by the end of this year after a series of DDoS attacks, which triggered multiple crashes of the trading website.
Mr Godfrey has shouldered an array of IT leadership roles for more than a decade with NZX. He headed Regulated Systems & Operations before becoming the IT head of NZX in June 2011 and Chief Information Officer in 2016.
NZX Chief Executive Mark Peterson expressed appreciation for Mr Godfrey's contribution to NZX and for his calmness and supportive attitude towards his teams during the difficult times of coronavirus and the latest cyber-attacks.