New Zealand stock exchange halted by cyber-attack

DDoS attack

Exchange operator NZX was forced to impose another trading halt on Thursday morning, citing connectivity issues, following similar outages the two previous days that it attributed to cyber attacks from overseas.

Trading in its cash markets were suspended at 2324 GMT and its website remained crashed.

Two New Zealand government agencies involved in cybersecurity declined to comment on the matter.

"This morning NZX experienced a further disruption similar to yesterday's related to a DDoS (distributed denial of service) attack", explained the second August 26 statement.

Trading was stopped at approximately 3.57pm yesterday after it experienced a "volumetric distributed denial of service (DDoS) attack" which impacted its system connectivity, Spark and NZX said in a joint statement at the time.

The exchange had initially said on Tuesday that the attacks had been mitigated and that normal operations would resume on Wednesday, but as The Guardian noted, the subsequent attack has raised questions about security.

"As such, NZX made a decision to halt trading in its cash markets at approximately 11.24am".

New Zealand's Exchange - also known as NZX - said it was hit with a DDoS attack on Tuesday, which it claims came from overseas.

"This is a very serious attack on critical infrastructure in New Zealand", said Dr Dave Parry, a professor of computer science at Auckland University of Technology.

"A DDOS attack aims to disrupt service by saturating a network with significant volumes of internet traffic".

"So, at this stage, from the information we've got, it's not that kind of attack".

While NZX's alerts don't name the threat actor behind the attack or the method used to launch the DDoS attacks, there is a high probability that they used the services of sites offering DDoS-for-hire services (aka stressers or booters).