New Zealand Stock Exchange Shut Down for Three Days Straight

Olivier Moll
Post by Olivier Moll
October 1, 2020
New Zealand Stock Exchange Shut Down for Three Days Straight

Is there a better solution to prevent cybercrime?


The New Zealand Stock Exchange (NZX) has been the victim of a severe cyberattack that forced it to shut down for three days straight. The downtime put millions of dollars at stake, prompting country leaders worldwide to consider better ways to combat cybercrimes of this magnitude.

The first attack hit the stock exchange on Tuesday, 25 of August 2020 resulting in a halt of all trading operations. The cause of the trading system shutdown appeared to be an offshore volumetric distributed denial of service (DDoS) attack via the exchange’s network service provider. The attack impacted systems such as NZX websites and the Markets Announcement Platform. NZX managed to mitigate the attack and restore connectivity for the NZX; however, this was short-lived.

The next day, NZX found itself shut down again due to the same DDoS attack, and the following day held the same disastrous pattern. This led the NZX Main Board, NZX Debt Market and the Fonterra Shareholders Market to be halted for three days.

A Serious problem

“While a stock exchange might not be what we traditionally considered to be ‘critical national infrastructure’ – it is critical to the economy, says Cath Goulding, CISO of UK domain registry Nominet. “Any downtime at all is putting millions of dollars at stake. Above all, this raises the issue to countries and governments around the world that critical financial services need to be treated as an extension of government security.”

“They should be given the utmost help and support from security agencies to protect them and help mitigate damage to the economy.”

The sophistication of these attacks continues to counter even the most secure connections, and are growing in severity and spread. According to Satnam Narang, a research engineer at cybersecurity company Tenable, this is a result of IoT. As financial organisations, and indeed, all organisations rely more on connected devices - the so-called Internet of Things - cybercriminals can now target vulnerable devices and spread DDoS attacks through any organisation faster than ever.

A threat on the rise - everywhere

Australia has responded that they have been in a state of heightened cyber awareness following the Prime Minister’s warning in June that the country was under cyber attack. However, the recent surge of DDoS attacks doesn’t seem limited to New Zealand and Australia.

Statistics from cybersecurity company Nexusguard report that DDoS attacks surged 542% in the first quarter of this year, compared to the final three months of 2019. These attacks are expected to become much more common as cybercriminals take advantage of the growth in public clouds and can sell their services cheaply on the dark web.

Security intelligence firm, Akami, has kept updated with the latest DDoS attack affecting the NZ Stock Exchange. They stated that ransom letters were going out to various industry verticals such as finance, travel and e-commerce demanding bitcoin. “We’ve not seen a specific region or industry targeted as a result of these extortion attacks. “There are institutions that reside in the UK, US, and APAC region who have received ransom letters.”

The amount of bitcoin demanded by the criminals increased each day they haven’t been paid.

A way to protect yourself and the country

DDoS attacks can cost companies and countries millions of dollars. A single DDoS attack in 2016 was able to disrupt major services including Airbnb, Netflix, PayPal, Visa, Amazon, The New York Times, Reddit, and GitHub.

The truth is that no matter how many protective measures you implement in your IT system, you will never be fully secure unless the network itself protects your legitimate data. DDoS attacks operate by sending huge amounts of traffic at once, exceeding the actual capacity of your internet access. Traditional internet networks do not know which traffic is legitimate and which one is part of the attack, thus flooding and blocking access. However, there is another solution to combating DDoS attacks.

Organisations who wish to protect their data and services should choose Anapaya’s SCION-based solution. Our next-generation internet solution helps identify and sort legitimate and illegitimate traffic while offering fast fail-over solutions and hidden, premium paths to ensure business continuity. It does this through three primary measures.

Firstly, as a B2B focused network, Anapaya’s SCION-based solution does not connect with millions of individuals like the traditional internet does. This, by extension, secures it against the millions of possible breaches from connected devices that are often used in vector attacks.

Secondly, all senders and users of the SCION network are authenticated and identified the moment they use the network, thus making anonymous, untraceable attacks impossible.

Finally, SCION offers one of the best pathing solutions available today in the form of premium, hidden paths. This feature enables service providers to create additional paths to guarantee service access to important, premium users. This means that even if a DDoS attack were to occur, these premium users would still be able to use the network. In the case of the NZDDoS attack, the general public would still have to use the disabled standard path, but premium traders or trading companies would be able to use the publicly unannounced, hidden path and continue to use the network despite the attack.

In addition to these three factors, SCION also offers other mechanisms to protect and secure critical business data, including multipathing, immunity to routing attacks and quick failover switches.

Essentially, what this means is Anapaya’s SCION-based services ensure business continuity, have robust resistance to DDoS attacks and are entirely immune to routing attacks. With more attacks happening each day, it’s only a matter of time before a sufficient political demand for internet safety is too loud to ignore. While this will require service providers to join the network, it may just be the only viable option to protect our data, our privacy and ourselves.

Find out more

As the NZ DDoS attack proves, now is the time to educate yourself about the SCION network and alternative connectivity options where you have full control. To find out more, download this free whitepaper on the topic, or contact Anapaya for more information.

Olivier Moll
Post by Olivier Moll
October 1, 2020
French in his core, Olivier loves cooking and traveling with his family.