New Zealand Stock Exchange Restored After Four Day DDoS Attack

The New Zealand government has got involved after the country’s stock exchange was knocked offline for four days with a distributed denial of service (DDoS) cyberattack from abroad.

The DDoS attack began on Tues day this week and continued right through to Friday afternoon, when the exchange finally managed to recover its services.

The attack was so serious that the New Zealand government said its national security systems had been activated to support the exchange. The worry among security professionals is that the ‘offshore’ attackers will have used this attack as a dress rehearsal for a cyberattack on a larger stock exchange.

Prolonged DDoS

According to the BBC, New Zealand’s communications security bureau had been called in to help.

“I can’t go into much more in terms of specific details other than to say that we as a government are treating this very seriously,” Finance Minister Grant Robertson reportedly said in a media briefing.

“We are currently experiencing connectivity issues which appear similar to those caused by severe DDoS attacks from offshore this week,” NZX reportedly said after the market failed to open at 10am Wellington time.

Trading on the exchange eventually resumed three hours later at 1:00pm (0100 GMT), the BBC reported.

However when Silicon UK attempted to reach the NSX website on Friday 11.30am BST, the connection failed.

NSX earlier this week confirmed the attack had come from ‘aboard’.

New Zealand’s neighbour Australia’s has also experienced a determined cyberattack recently.

In June the Prime Minister of Australia, Scott Morrison, confirmed his nation was the target of a “sophisticated” cyber attack.

The Aussie PM warned that an unnamed foreign government was behind the attack, and that country subsequently said it would spend A$1.66 billion (£910m) over 10 years to strengthen its cyber defences.

Never seen before

A security expert highlighted the fact that this was a prolonged DDoS rarely seen before, and could herald similar attacks on financial institutions in the future.

“It is rare to see ransoms attached to DDoS attacks in the way we are used to with ransomware,” said Jake Moore, cybersecurity specialist at ESET.

“We often see denial of service attacks overcome by upping protection and directing the excess traffic elsewhere, so for this disruption to be in its fourth day would suggest that this is sizable attack on a scale unlikely to have been seen before,” he said.

“If any demands are met with paying off a ransom, it is likely that we will start to see more DDoS attacks used in this way in the future,” Moore concluded. “Financial institutions are naturally attractive to threat actors and if everything goes in their favour, this has the potential of reaping huge rewards.”