Stock exchange operator NZX crashes again

The NZX stock exchange website is back up and running after it crashed again on Wednesday, the day after it went down due to a serious cyber attack.

Functionality was restored at 11:55am after a 30-minute delay. In a statement, NZX said it was continuing to look into the issue.

"NZX confirms that it is working with its network service provider to address a further issue today, impacting NZX system connectivity. It appears that this is similar to yesterday's issue. NZX halted trading in its cash markets at approximately 11:24am," it said.

"NZX's network provider continues to investigate the source of the issue."

On Tuesday night, the NZX site was hit by a cyberattack which forced it to halt trading. 

"This afternoon a Spark customer, NZX Limited, experienced a volumetric DDoS (distributed denial of service) attack from offshore, which impacted NZX system connectivity. As such, NZX decided to halt trading in its cash markets at approximately 15:57," network provider Spark said in a statement.

"A DDoS attack aims to disrupt service by saturating a network with significant volumes of internet traffic. The attack was able to be mitigated and connectivity has now been restored for NZX."

But on Wednesday morning, the site crashed for a second time, leaving customers unable to connect to it.

Speaking on Wednesday morning, NZX chief executive Mark Peterson said Tuesday's attack had been launched from outside New Zealand.

"It's been dealt with and we are up and running," he said, according to NBR.

"Obviously we are working with all our suppliers to work out how we mitigate this going forward if it ever happens again."

Shortly afterwards, the site went down for a second time.

Professor Dave Parry, from the AUT department of computer science, calls it "a very serious attack on critical infrastructure in New Zealand".

"The fact that this has happened on a second day indicates a level of sophistication and determination which is relatively rare," he said in a statement.

"GCSB will be involved along with CERT in trying to identify the source of the attack. Unfortunately, the skills and software to do this are widely available and the disruption of COVID and people working from home all over the world potentially with lower security on their computers means that these attacks are easier than usual.

"These sort of attacks can be mounted by governments or private criminal gangs. Recently, Australia has pointed the finger at the Chinese government for similar attacks; the Chinese government has strongly denied this. As yet, there is no evidence that this attack is by an overseas government. Criminal gangs, especially if they are based in poorly-regulated countries, can use these attacks to demand ransoms."