Questions raised about NZ's security systems after NZX attacks
- 30 August, 2020 20:45
New Zealand's stock exchange (NZX) resumed trading on Friday, after facing disruptions for four consecutive days in the wake of cyber attacks last week, while the government said national security systems had been activated to support the bourse.
There is no clarity on who was behind these two "offshore" attacks, but the failure to stop them has raised questions about New Zealand's security systems, experts said.
NZX Ltd had to halt trading until afternoon on Friday last week, after crashing earlier due to network connectivity issues, marking the fourth day that trading has been hit.
Finance Minister Grant Robertson said the Government Communications Security Bureau and the national agency fighting cyber crime had been called in to help the bourse.
"I can't go into much more in terms of specific details other than to say that we as a government are treating this very seriously," Robertson said in a media briefing in Wellington.
NZX was hit last Tuesday and Wednesday by distributed denial of service (DDoS) attacks, a common way to disrupt a server by overwhelming it with a flood of internet traffic.
The attacks forced NZX to halt trading in its cash markets, disrupting operations in its debt market, Fonterra Shareholders Market and derivatives market.
"Four days in a row is becoming frustrating and quite disruptive," said Jeremy Sullivan, an investment adviser at brokerage Hamilton Hindin Greene in Christchurch.
Activity is very low but institutional dealers are still able to put "negotiated trades" through the market by talking to each other directly, he added.
"The market's physically capable of running, they've put it in a halt so that people aren't disadvantaged with the website being down, which has material information on it."
NZX's main board, debt market and Fonterra Shareholders' Market resumed trading at 1:00 p.m. (0100 GMT).
After the crash earlier on Friday, NZX had said it had been "experiencing connectivity issues which appear similar to those caused by severe DDoS attacks from offshore this week".
It did not give details on the source or the impact of the attack.
"We can see the internet traffic was coming through the global gateway, therefore we know it originated offshore, but it's near impossible to identify where it originated from," network service provider Spark said.
(Reporting by Praveen Menon, Tom Westbrook, Shashwat Awasthi and Nikhil Nainan Kurian; Editing by Stephen Coates and Himani Sarkar)