The New Zealand stock exchange (NZX) underwent a series of cyberattacks recently, along with several other financial service and media organizations.

What happened?

NZX was hit by five volumetric DDoS attacks over the course of a week, resulting in the crash of its website and halting operations during the first two attacks. Although NZX stated that its core trading platforms were unaffected, the crashing of its public-facing website forced the exchange to halt its services.

What does this imply?

These series of attacks have raised severe questions regarding the state of cybersecurity of the stock exchange. With the local storage of data, it is imperative that providers have adequate resources to deter attacks from sophisticated cybercriminals.

Who is to blame?

  • The attack has been spotted to be launched from overseas, state-backed adversaries.
  • Reportedly, the threat actors use the name of Amanda Collective and Fancy Bear to scare their victims.

Related incidents

  • Apart from NZX, the threat actors launched attacks on MoneyGram, PayPal, Venmo, YesBank India, and Braintree. The victims have been demanded to pay a hefty ransom in bitcoin.
  • The cybercriminals have targeted Spark, the hosting provider for NZX, leading in downtime for the provider’s other customers.
  • The hacker groups sent emails to e-commerce, finance, and travel agencies based in Asia-Pacific, the U.K, and the U.S.
  • In June, the government, business, health, and education sectors in Australia were the target of a large-scale cyberattack.

Steps taken

  • The Government Communications Security Bureau (GCSB), New Zealand’s spy agency, has been brought in to investigate the attacks and put a stop to them.
  • According to the investigation, it is unlikely that state-backed agents were responsible for the attacks.

The bottom line

With the constant barrage of attacks against high-profile targets, it is quite clear that no sector or country is safe from sophisticated cyberattacks. As the characteristics of DDoS attacks go, these attacks are primarily targeted towards the most vulnerable sites. All this only points to the need for better precautionary measures.

Cyware Publisher