The New Zealand stock exchange’s (NZX) main website last week was once again taken down in a cyber assault.
The exchange had already suffered an unusually powerful and persistent distributed denial of service (DDoS) attack in the last week of August. Over a span of four days, this interrupted trading for hours at a time.
Even though the attackers did not corrupt the exchange’s trading systems, they prevented it from displaying regulatory news updates, which investors require access to if they are to make informed decisions.
The first attack was launched at the height of second-quarter earnings season.
The exchange said it came from overseas and market participants wondered if an assault on key national infrastructure might even be state sponsored. Such attacks involve bad actors using malware to take over computers of unwary businesses and individuals, and direct them onto a target’s websites in such huge numbers that its servers are overwhelmed.
New Zealand’s National Cyber Security Centre (NCSC) said that the perpetrators were targeting several global organizations mostly in the financial sector and suspicions turned to a powerful criminal network seeking to extract a ransom.
Troubling development
The first attack seemed eventually to fizzle out.