Cyber attacks on New Zealand stock exchange suggest its systems aren't as robust as they need to be, a technology expert says.
It comes as New Zealand stock exchange operator NZX, halted trading just before 4pm on Tuesday due to a cyber attack. By early Wednesday morning, connectivity had been restored and trading resumed. But at 11.24am, NZX platforms were back down.
"NZX confirms that it is working with its network service provider to address a further issue today, impacting NZX system connectivity. It appears that this is similar to yesterday’s issue," it confirmed on Wednesday.
A joint statement from NZX and Spark on Tuesday described the attack as a "volumetric DDoS (distributed denial of service) from offshore".
Chief executive and futurist at Gorilla Technology Paul Spain, said it was likely to have been a demonstration, after which a ransom would follow. Attacks of this nature weren't easy to resolve and mitigate at short notice.
"It does suggest that the NZX systems are not quite as robust as they need to be for a national stock exchange," Spain said.
"Extortion-style" cyber crimes, such as DDoS attacks, could typically be traced back to countries such as Russia, Eastern Europe and North Korea.
"This type of attack tends to involve a 'botnet': it's basically a large army of computers that have been compromised by some sort of malware," Spain explained.
The computers, owned by companies or individuals, end up being compromised and participating in the attack. They could be based in New Zealand, or anywhere in the world.
"Rather than the normal number of visitors to a website, you might have 1000 times the normal number."
Cert NZ deputy director Declan Ingram, said while he had no comment on the NZX incident, there were 84 reports of DDoS attacks last year.
"Cyber attackers emailed organisations alerting them that they would be subject to a DDoS attack unless they paid a ransom before a specified deadline," Ingram said.
Although it put companies (and individuals) in a difficult position, paying the ransom could make them a future target.
"To protect against DDoS attacks, organisations need to work with their internet service providers and consider engaging with a DDoS protection service to prevent the DDoS traffic from reaching their systems," he added.
