NZX’s connectivity attacks: Implications for NZ business

Avatar photo

Cat Mules

The question hot on everyone's lips: Why weren’t we prepared?

For the fourth time this week, New Zealand’s trading exchange has been halted due to distributed denial of service (DDoS) attacks.

The attacks appear to have hit New Zealand’s largest telecommunications network provider, Spark, where a volumetric DDoS attack came from offshore.

The NZX is understood to have now moved its domain to multinational content delivery network, Akamai Technologies. The website for the bourse (a market organized for the purpose of buying and selling) is still serviced by a content delivery network run by Red Shield in Wellington.

The attack effectively downed system and network connectivity by saturating the network with significant volumes of internet traffic, halting the network for several hours each time and stopping NZX trading lines along with it.

Photo credit: NZX, Supplied

Along with limiting trading, it’s a timely reminder for organisations to protect themselves.

A DDoS attack involves unsolicited control to a network of online machines. It happens when the attacker inundates the organisation’s site with traffic from multiple sources, with the impact of overwhelming the web server forcing it to either crash or be shut down.

While neither NZX nor Spark have commented on the source or location of the hackers, experts are saying the cyber attacks were highly motivated and serious.

JMI Wealth director Andrew Kelleher told Mike Hosking on Newstalk ZB that the cyber attack was clearly a “very motivated and very serious act”.

Speaking with Radio New Zealand, Auckland University of Technology Professor Dave Parry said the NZX attacks were likely conducted by a “mafia type” gang of hackers.

“It [the DDoS attack] indicates whoever’s doing the attacking is probably significantly skilled. These are quite sophisticated gangs and thinking along the lines of mafia type people is about right really, you’re not really able to do this on a shoestring,” he said.

Parry has also warned that DDoS attacks may be more common, as hackers seek to take advantage of vulnerable current circumstances while the world is not looking.

“Unfortunately the skills and software to do this are widely available and the disruption of COVID and people working from home all over the world potentially with lower security on their computers means that these attacks are easier than usual.”

DDoS attacks are targeted more toward businesses or organisations than they are individuals.

For business, the major implication is that online services or support may not work until the attack is over, which can harm reputations and bear financial consequences for both companies and customers.

If they do hit individuals, the cause is usually financially or politically motivated. In 2016, the blog of American investigative journalist and cybersecurity expert, Brian Krebs, was attacked, taking hostage an excess of 620 Gbps – at the time the largest attack ever seen. The source of the attack was a new type of malware: the Mirai botnet that has since gone on to be used to exploit holes in IoT devices, such as IP cameras, home routers and video players, via remote operation.


Throughout 2020, Umbrellar experienced on average 1 DDoS attack per week against its infrastructure and hosted customer platforms.

Umbrellar’s Technology Solution Architect, David Garrett, explains, “Volumetric attacks look to saturate and use up all available bandwidth, preventing legitimate traffic from reaching your website or service.”

The vast majority of DDoS attacks are successfully mitigated automatically by Umbrellar’s upstream internet provider or protected by established protection methods:

  • Use a Web Application Firewall to filter legitimate requests to the back-end web server.
  • Use an internet provider who offers DDoS mitigation capability.
  • Host your public facing websites using DDoS protected internet connectivity.
  • Use a CDN or caching service to filter incoming traffic.
  • Host your public facing websites on the public cloud, which has the bandwidth and infrastructure to handle DDoS traffic volumes.
  • Design your infrastructure to scale up with increased load and compute capacity.
  • Ensure your websites, servers and infrastructure are properly patched, configured and secured so that they can’t be used to participate in DDoS attacks against others.
Avatar photo

Cat Mules

Umbrellar's Digital Journalist, coming from a background in tech reporting and research. Cat's inspired by the epic potential of tech and helping kiwi innovators share their success stories.

Data, AI, BI & ML

See Profiles

Artificial Intelligence and Machine Learning are the terms of computer science. Artificial Intelligence : The word Artificial Intelligence comprises of two words “Artificial” and “Intelligence”. Artificial refers to something which is made by human or non natural thing and Intelligence means ability to understand or think. There is a misconception that Artificial Intelligence is a system, but it is not a system. AI is implemented in the system. There can be so many definition of AI, one definition can be “It is the study of how to train the computers so that computers can do things which at present human can do better.” Therefore it is an intelligence where we want to add all the capabilities to machine that human contain. Machine Learning : Machine Learning is the learning in which machine can learn by its own without being explicitly programmed. It is an application of AI that provide system the ability to automatically learn and improve from experience. Here we can generate a program by integrating input and output of that program. One of the simple definition of the Machine Learning is “Machine Learning is said to learn from experience E w.r.t some class of task T and a performance measure P if learners performance at the task in the class as measured by P improves with experiences.”

You might also like

[ajax_load_more id="9462509724" container_type="div" post_type="post" posts_per_page="6" post__in="" pause="false" placeholder="true" scroll="false" button_loading_label="Loading" button_done_label="No results" no_results_text="No results"]

Our Vendors

Subscribe to
NZX’s connectivity attack: Implications for NZ business.

Get the latest news content in your inbox each week