Expert Insight On New Zealand’s Stock Exchange Hit By Second Cyber Attack

Trading on New Zealand’s stock exchange was halted for several hours on Wednesday after what appeared to be a second offshore cyber attack in as many days, bourse operator NZX Ltd (NZX.NZ) said.

Experts Comments

August 27, 2020
Jamie Akhtar
CEO and Co-founder
CyberSmart
Hackers are beginning to hit industries where it hurts. The last decade has seen the financial sector make a massive shift to automated trading including AI-powered technology to beat the markets. Unfortunately, that also means that an attack can have huge impacts as we saw here. Any industry that is transitioning to a total reliance on technology needs to make security a number one priority. This includes building it into the designs of their systems. The consequences of not doing so could be.....Read More
Hackers are beginning to hit industries where it hurts. The last decade has seen the financial sector make a massive shift to automated trading including AI-powered technology to beat the markets. Unfortunately, that also means that an attack can have huge impacts as we saw here. Any industry that is transitioning to a total reliance on technology needs to make security a number one priority. This includes building it into the designs of their systems. The consequences of not doing so could be huge- both monetary and reputational.  Read Less
August 27, 2020
Cath Goulding
CISO
Nominet
The DDoS attack on the New Zealand stock exchange is an incredibly serious incident that shows just how much havoc hackers can cause on a national scale, even with attack techniques that are relatively well known. There are suggestions that nation state hackers are behind this attack. Whether they are or not, it demonstrates how cyber crime can hit right at the heart of a country's operation. While a stock exchange might not be what we traditionally consider to be ‘critical national.....Read More
The DDoS attack on the New Zealand stock exchange is an incredibly serious incident that shows just how much havoc hackers can cause on a national scale, even with attack techniques that are relatively well known. There are suggestions that nation state hackers are behind this attack. Whether they are or not, it demonstrates how cyber crime can hit right at the heart of a country's operation. While a stock exchange might not be what we traditionally consider to be ‘critical national infrastructure' - it is critical to the economy. Any downtime at all is putting millions of dollars at stake and in this instance it was brought offline two days in a row. Above all this raises the issue to countries and governments around the world that critical financial services need to be treated as an extension of government security. They should be given the utmost help and support from security agencies to protect them and help mitigate damage to the economy.  Read Less
August 31, 2020
John Hultquist
Director of Intelligence Analysis
FireEye
The incident in New Zealand underscores the threat of disruption to critical financial infrastructure. Destructive or disruptive attacks against exchanges could have cascading effects across the economy and ultimately this approach may be more successful than attacks on the energy sector and other industries. Iranian actors have carried out denial of service attacks against the financial sector in the past, but did not target exchanges or succeed in seriously disrupting major financial sector.....Read More
The incident in New Zealand underscores the threat of disruption to critical financial infrastructure. Destructive or disruptive attacks against exchanges could have cascading effects across the economy and ultimately this approach may be more successful than attacks on the energy sector and other industries. Iranian actors have carried out denial of service attacks against the financial sector in the past, but did not target exchanges or succeed in seriously disrupting major financial sector processes such as securities trading. We have seen hacktivist actors in Indonesia target exchange related websites in 2018, but we’ve seen no evidence that these incidents disrupted trading.  Read Less
August 27, 2020
Matt Aldridge
Principal Solutions Architect
Webroot
This latest attack again highlights the risks posed by threat actors, who can use cyberattacks to try to cripple important financial infrastructure at a national scale. In this case, it’s likely attackers facilitated the DDoS style attack through the use of botnets. The evolution of attack types emitting from botnets has been rapid over recent years and is unlikely to slow down. Financial services platforms are often robustly protected with an array of products and services attempting to.....Read More
This latest attack again highlights the risks posed by threat actors, who can use cyberattacks to try to cripple important financial infrastructure at a national scale. In this case, it’s likely attackers facilitated the DDoS style attack through the use of botnets. The evolution of attack types emitting from botnets has been rapid over recent years and is unlikely to slow down. Financial services platforms are often robustly protected with an array of products and services attempting to prevent attack, penetration and denial of service, but in some situations a massive distributed denial of service attack cannot be immediately prevented or circumvented. These types of attack are also notoriously difficult to trace, so confidently assigning the blame for this may prove difficult, unless there was an associated extortion attempt.  Read Less
August 26, 2020
Jake Moore
Cybersecurity Specialist
ESET
As the world becomes increasingly connected, more defenses are required to protect against the bombardment of attempts to take down a site. DDoS attacks are common threats that can usually be avoided with the correct mitigation techniques. However, when a site experiences a massive influx of traffic that it is not prepared for, even huge organisations can be knocked off their feet relatively easily – and for long periods of time. One common mistake organisations make is to underestimate the.....Read More
As the world becomes increasingly connected, more defenses are required to protect against the bombardment of attempts to take down a site. DDoS attacks are common threats that can usually be avoided with the correct mitigation techniques. However, when a site experiences a massive influx of traffic that it is not prepared for, even huge organisations can be knocked off their feet relatively easily – and for long periods of time. One common mistake organisations make is to underestimate the magnitude, force, and determination that threat actors possess. These gangs will continue to cause havoc by directing massive volumes of traffic to a website, either to send a message or test the site’s defenses in preparation for further attacks. Whatever their reason, it’s clear that we should never take this threat too lightly and need to start protecting now for even stronger DDoS bombs.  Read Less
August 26, 2020
Ilia Kolochenko
Founder and CEO
ImmuniWeb
This may be a rehearsal of a major attack targeting NASDAQ or LSE amid the craziness going on the global stock markets. I don’t think that major cyber gangs have their own interest in, or were hired by someone to conduct a DDoS capable of repeatedly shutting down NZX. While even a daily outage of NYSE can lead to multibillion losses around the globe, and probably even some bankruptcies and countless lawsuits. Unfortunately, not much can be done to prevent large-scale and well-prepared DDoS.....Read More
This may be a rehearsal of a major attack targeting NASDAQ or LSE amid the craziness going on the global stock markets. I don’t think that major cyber gangs have their own interest in, or were hired by someone to conduct a DDoS capable of repeatedly shutting down NZX. While even a daily outage of NYSE can lead to multibillion losses around the globe, and probably even some bankruptcies and countless lawsuits. Unfortunately, not much can be done to prevent large-scale and well-prepared DDoS attacks today. Worse, DDoS attacks are hardly investigable, and most of their authors enjoy skyrocketing profits in virtual impunity. During the pandemic, the average price of bots used for DDoS has fallen, and will probably become even more affordable. When millions of devices suddenly start a massive attack, it’s a question of network capacity not really network security. We witnessed many examples in the past, when even the largest DDoS protection companies ceased protecting some of their clients under exceptionally large DDoS and gave up. Web applications and APIs should, however, be regularly audited for business logic and architectural security flaws that may consume all CPU/RAM and greatly facilitate a DDoS attack.  Read Less
August 27, 2020
Matt Aldridge
Principal Solutions Architect
Webroot
This latest attack again highlights the risks posed by threat actors, who can use cyberattacks to try to cripple important financial infrastructure at a national scale. In this case, it’s likely attackers facilitated the DDoS style attack through the use of botnets. The evolution of attack types emitting from botnets has been rapid over recent years and is unlikely to slow down. Financial services platforms are often robustly protected with an array of products and services attempting to.....Read More
This latest attack again highlights the risks posed by threat actors, who can use cyberattacks to try to cripple important financial infrastructure at a national scale. In this case, it’s likely attackers facilitated the DDoS style attack through the use of botnets. The evolution of attack types emitting from botnets has been rapid over recent years and is unlikely to slow down. Financial services platforms are often robustly protected with an array of products and services attempting to prevent attack, penetration and denial of service, but in some situations a massive distributed denial of service attack cannot be immediately prevented or circumvented. These types of attack are also notoriously difficult to trace, so confidently assigning the blame for this may prove difficult, unless there was an associated extortion attempt.  Read Less
August 27, 2020
Miles Tappin
VP of EMEA
ThreatConnect
The threat to critical infrastructure continues to become more severe and sophisticated as the years go on, but the two day distributed denial of service (DDoS) attack on the New Zealand stock exchange proves just how serious the issue is becoming. There are various motivations behind DDoS attacks, including political, ethical or extortion tactics and they have been commonly disregarded as a major cyber security issue within the industry. Due to the fact that DDoS attacks don’t steal.....Read More
The threat to critical infrastructure continues to become more severe and sophisticated as the years go on, but the two day distributed denial of service (DDoS) attack on the New Zealand stock exchange proves just how serious the issue is becoming. There are various motivations behind DDoS attacks, including political, ethical or extortion tactics and they have been commonly disregarded as a major cyber security issue within the industry. Due to the fact that DDoS attacks don’t steal anything, but rather slow down or stop businesses in their tracks – many organisations have turned a blind eye to mitigating them. While DDoS attacks typically last a couple of minutes to hours, we have started to see them stretching to days even weeks, which can have a significant and lasting impact on any business. New Zealand, and other states worldwide need to use this attack as a stark reminder of the importance of protecting their national critical infrastructure. It is paramount that organisations with any strategically useful information prepare themselves to deal with highly sophisticated attacks. To deliver reliable services to society, critical infrastructure providers need to ensure cybersecurity is built into operating models. If done so correctly, they will then be able to ensure their cyber security programmes become more efficient, ultimately making it easier to spot relevant threats and gain more context into attack patterns to inform response strategies.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.