New Zealand’s stock exchange has been offline for days after a distributed denial of service (DDoS) attack affected its network connectivity.
On the afternoon of Tuesday 25 August, the stock exchange said it had been hit by a volumetric DDoS attack from offshore via its network service provider, which had impacted network connectivity.
New Zealand’s Exchange (NZX), which operates the market, said in a statement that systems including websites and the markets announcement platform had been hit. At the time, it said the attack was mitigated and connectivity was restored.
NZX expected the market to open the following day, Wednesday 26 August, but it decided to halt trading again after a further disruption.
The organisation is working with cyber security experts and hopes to get back to normal trading on Friday 28 August.
“This decision not to reopen has been made while we focus on addressing the situation,” it said. “We continue to address the threat and work with cyber security experts, and we are doing everything we can to resume normal trading tomorrow (28 August).”
Stock exchanges are important to a functioning economy, and even a short outage can cause economic havoc. Stock exchanges have invested heavily in trading systems that can complete trades from start to finish in microseconds and build infrastructures to minimise downtime.
Cath Goulding, CISO at .uk domain registry Nominet, said the New Zealand attack was very serious and “shows just how much havoc hackers can cause on a national scale, even with attack techniques that are relatively well known”.
“There are suggestions that nation-state hackers are behind this attack,” she added. “Whether they are or not, it demonstrates how cyber crime can hit right at the heart of a country’s operations. While a stock exchange might not be what we traditionally consider to be critical national infrastructure, it is critical to the economy. Any downtime at all is putting millions of dollars at stake and in this instance it was brought offline two days in a row.
“Above all, this raises the issue to countries and governments around the world that critical financial services need to be treated as an extension of government security. They should be given the utmost help and support from security agencies to protect them and help mitigate damage to the economy.”
Although DDoS is, arguably, one of the cruder methods of launching a cyber attack, some of the most damaging cyber incidents of recent years have been caused by DDoS, most famously the Mirai internet of things botnet attack, which took multiple websites offline by targeting DNS services provider Dyn.