New Zealand stock exchange (NZX) halted 2 days by DDoS attack

New Zealand’s stock exchange (NZX) confirmed it was hit by a massive distributed denial of service (DDoS) attack from abroad that knocked it offline two days.

New Zealand’s stock exchange (NZX) has been hit by distributed denial-of-service (DDoS) attacks that took it offline for two days, trading activity was interrupted until the connectivity was restored.

According to a statement published by the New Zealand’s stock exchange, the SSoD attack “impacted NZX network connectivity” forcing it to halt trading in cash markets around 16:00 local time.

Trading operations were halted briefly for a second time, on Wednesday, but the interruption lasted only a few hours, from 11:24 to 15:00 local time.

The DDoS attack impacted traders, anyway financial or personal information of the users was not accessed.

“Yesterday afternoon NZX experienced a volumetric DDoS (distributed denial of service) attack from offshore via its network service provider, which impacted NZX network connectivity. The systems impacted included NZX websites and the Markets Announcement Platform.” reads the announcement published by the exchange. “As such, NZX decided to halt trading in its cash markets at approximately 15.57. A DDoS attack aims to disrupt service by saturating a network with significant volumes of internet traffic. The attack was able to be mitigated and connectivity has now been restored for NZX.”

NZX confirmed that the attack hit NZX websites and the Markets Announcement Platform.

In November, CertNZ warned financial firms of DDoS attacks with extortion purposes. New Zealand CertNZ’s alert explicitly mentioned emails sent from Russia-linked Fancy Bear.

“We have received reports of extortion emails targeting companies within the financial sector in New Zealand.” reads the alert.

“The emails claim to be from a Russian group called ‘Fancy Bear / Cozy Bear’ and demand a ransom to avoid denial-of-service attacks. They carry out a short denial-of-service attack against a company’s IP address to demonstrate their intent. So far, a larger denial-of-service hasn’t happened if the ransom is not paid.”

The NZX announcement released after the DDoS attack doesn’t provide details of the DDoS attack, such as the attach method and the name of the alleged threat actor behind the attack. Experts believe the attackers used DDoS-for-hire services (aka booters).

In April, Dutch authorities have taken down 15 DDoS-for-hire services in a week.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, New Zealand stock exchange)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.