NZX was hit with the cyber equivalent of a mugging, a crude and dated style of hack.
The website of the New Zealand Stock Exchange slowed to a crawl on a Tuesday afternoon in August. It was so badly throttled that the exchange couldn’t post market announcements, as required by financial regulators. So with an hour left for trading, management shut the entire operation down.
It didn’t take long to figure out what happened. The website had been overwhelmed by a tsunami of offshore digital traffic. An email from the perpetrators made clear that it was a malicious attack.
NZX Ltd, which operates the exchange, restored connectivity ahead of the next trading day. But the attacks resumed once the market opened, forcing more trading suspensions over the next few days.
When the exchange finally moved its servers out of the reach of the digital bombardment – to cloud-based servers – the attackers began targeting the exchange’s individually-listed companies. In the end, trading at NZX was stopped for four days, with “only intermittent periods of availability,” according to a government review.
“You wouldn’t wish this on your worst enemy,” NZX Chief Executive Officer Mark Peterson told a local newspaper.
NZX was hit with the cyber equivalent of a mugging, a crude and dated style of hack that John Graham-Cumming, the chief technology officer at the cybersecurity firm Cloudflare, described as “the simplest, dumbest attack you can do.” Known as a distributed denial of service, or DDoS for short, such attacks inundate a computer network or server with so much traffic that it can become overwhelmed and stop functioning.
DDoS attacks have been around for decades even though the cybersecurity indust ..
Support the originator by clicking the read the rest link below.
