New Zealand stock exchange reopens after four days of cyber attacks

New Zealand stock exchange reopens after four days of cyber attacks
Image Source

The stock exchange of New Zealand has resumed its operations after four consecutive days of disruption caused by cyber attacks.

Trading started on New Zealand’s Exchange (NZX) at 1 p.m. local time on Friday. Although the New Zealand stock exchange wanted to resume earlier, morning trade was postponed again due to cyber attacks.

Disruption from cybercriminals

According to the exchange, trading was stopped at around 4 p.m. local time on Tuesday after it experienced a distributed denial of service (DDoS) attack from outside the country. Further attacks continued on Wednesday and Thursday.

For most of each day, the exchange halted debt and equity markets trading while it conducted an investigation into the issue. NZX also closed down the derivatives market starting 4 p.m. on Thursday.

Cybercriminals use DDoS attacks to disrupt service by flooding a network with large volumes of internet traffic. In 2016, a widespread DDoS attack caused outages for some users on platforms such as Twitter and Netflix.


The motive of the attacks on the NZX remains unclear and the exchange have declined to respond on whether the attackers were demanding a ransom.

NZX said: “We do not comment publicly on our specific cyber security arrangements or how we are responding to specific threats. NZX is continuing to work with its network provider to investigate the source of the issue.”

Increase in DDoS attacks

Cyber security company Nexusguard highlighted an increase in DDoS attacks as cybercriminals take advantage of the growth in public clouds and offer their services cheaply on the dark web.

In the first quarter of this year, DDoS attacks went up by 542% compared to the final three months of 2019.

Juta Gurinaviciute, chief technology officer at cloud-based network provider NordVPN Teams, said: ”One reason why DDoS attacks are so inexpensive is that more and more people that offer DDoS-for-hire services are leveraging the scale and bandwidth of public clouds.”

Satnam Narang, a research engineer at cyber security company Tenable, also mentioned that the attacks have also become more sophisticated. Narang pointed out that as financial institutions increasingly depend on connected devices, cybercriminals can target vulnerable devices to launch stronger DDoS attacks.

Other recent cyberattacks

In late 2019, the country of Georgia shut down over 2,000 websites, including the national television station, due to a massive cyber attack.

In many of the websites affected by the attacked, their home pages were substituted with a picture of the country’s former president Mikheil Saakashvili with a caption that reads “I’ll be back”. Several people on social media are speculating that the attacks might have been orchestrated by Russia.

Last February, the US Department of Defense has confirmed that Defense Information Systems Agency‘s (DISA) computer systems were targeted by a cyber attack.

The cyber attack on DISA, the agency in charge of secure communication for the White House, left the personal data of around 200,000 people exposed. DISA oversees military communications including calls for US President Donald Trump.

The hackers exposed the data of thousands of people, including names and social security numbers. The agency is in charge of military cybersecurity and sets up communications networks in combat zones.

The most recent cyber attack was in mid-July, when social media firm Twitter said 130 accounts were targeted by hackers in the Bitcoin scam, including those of Barack Obama, Elon Musk, and Bill Gates.

Twitter later found that the hacking was caused by human error and a spear-phishing scam on its staff.