New Zealand’s stock exchange (NZX) has been impacted by distributed denial-of-service (DDoS) attacks during the last two days, forcing it to shut down trading until the connectivity issues were resolved.
NZX operates New Zealand’s capital, risk, and commodity markets, and it supplies market information including real-time stock quotes, market data and news.
DDoS attackers knocked down NZX’s services twice
The stock market announced around 7 AM today that it was able to restore services after it had to halt cash markets yesterday afternoon following what it called a volumetric DDoS attack.
“Yesterday afternoon NZX experienced a volumetric DDoS (distributed denial of service) attack from offshore via its network service provider, which impacted NZX network connectivity,” a memo on the stock market’s website says.
“The systems impacted included NZX websites and the Markets Announcement Platform. As such, NZX decided to halt trading in its cash markets at approximately 15.57. [..] The attack was able to be mitigated and connectivity has now been restored for NZX.”
However, a recurring DDoS attack from today forced NZX to once again halt trading at 11:14 AM, after NZX’s websites and the Markets Announcement Platform were affected.
Four hours later, at 3 PM, the NZX Main Board, NZX Debt Market and Fonterra Shareholders Market that had to be shut down were back to normal trading once the attack ended and connectivity was restored.
According to an NZ Herald report, NZX later said that it “has been in close contact with market participants, and appreciates the support and level of understanding during the periods of disruption to trading.”
DDoS-for-hire services under fire
While NZX’s alerts don’t name the threat actor behind the attack or the method used to launch the DDoS attacks, there is a high probability that they used the services of sites offering DDoS-for-hire services (aka stressers or booters).
Lately, law enforcement agencies around the world have been shutting down dozens of booters used by pranksters, threat actors, or hacktivists to launch large-scale DDoS attacks against online services and sites.
For instance, the Dutch police’s cybercrime team took down 15 booters within a single week during early-April in joint operations with external parties including hosters or registrars, other international police forces, Europol, Interpol, and the FBI.
Besides taking down stressers, law enforcement agencies is also hunting down those who use them, with hundreds of individuals already under investigation following “Operation Power Off.”
As part of this operation, the WebStresser booter, a service that had 151,000 registered users at the time of its shutdown, was taken down in April 2018. Afterward, DDoS mitigation firm Link11 reported that DDoS attacks went down approximately 60% across Europe.
A Kaspersky Lab report estimates that the financial impact a DDoS incident has on a small business could be as much as $120,000, while larger orgs could end up having to spend $2million on average to restore services after each attack.
To read the original article: https://www.bleepingcomputer.com/news/security/new-zealand-stock-exchange-halted-trading-after-ddos-attacks/