New Zealand’s stock exchange resumed trading on Friday, after facing disruptions for four consecutive days in the wake of cyber attacks this week, while the government said national security systems had been activated to support the bourse.
There is no clarity on who was behind these two “offshore” attacks, but the failure to stop them has raised questions about New Zealand’s security systems, experts said.
NZX Ltd had to halt trading until afternoon on Friday, after crashing earlier due to network connectivity issues, marking the fourth day that trading has been hit.
Finance Minister Grant Robertson said the Government Communications Security Bureau and the national agency fighting cyber crime had been called in to help the bourse.
“I can’t go into much more in terms of specific details other than to say that we as a government are treating this very seriously,” Robertson said in a media briefing in Wellington.
NZX was hit on Tuesday and Wednesday by distributed denial of service (DDoS) attacks, a common way to disrupt a server by overwhelming it with a flood of internet traffic.
The attacks forced NZX to halt trading in its cash markets, disrupting operations in its debt market, Fonterra Shareholders Market and derivatives market.
“Four days in a row is becoming frustrating and quite disruptive,” said Jeremy Sullivan, an investment adviser at brokerage Hamilton Hindin Greene in Christchurch.
Activity is very low but institutional dealers are still able to put “negotiated trades” through the market by talking to each other directly, he added.
“The market’s physically capable of running, they’ve put it in a halt so that people aren’t disadvantaged with the website being down, which has material information on it.” NZX’s main board, debt market and Fonterra Shareholders’ Market resumed trading at 1:00 p.m (0100 GMT).
After the crash earlier on Friday, NZX had said it had been “experiencing connectivity issues which appear similar to those caused by severe DDoS attacks from offshore this week”.
It did not give details on the source or the impact of the attack.
“We can see the internet traffic was coming through the global gateway, therefore we know it originated offshore, but it’s near impossible to identify where it originated from,” network service provider Spark told Reuters.
REPEATED ATTACKS
New Zealand, a relatively small economy with a population of five million, is not often the target of such attacks but neighbouring Australia ramped up its cyber security this year after a rise in similar incidents.
Australia said it would spend A$1.66 billion ($1.19 billion) over 10 years to strengthen the cyber defences.
New Zealand’s central bank has said cyber attacks could wipe out about 2-3% of the profits of the banking and insurance industries each year.
“The first attack can happen anytime. But being attacked four days in a row raises some questions,” said Rizwan Asghar, a senior lecturer at the School of Computer Science, University of Auckland.
“The real question is what are the resources allocated and threshold set for protecting against these attacks?”