Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Spooks Called in as Cyberattacks Again Halt NZ Stock Exchange

New Zealand’s spy agency has been brought in to help fight back against cyberattacks that crippled the country’s stock exchange for a fourth straight day on Friday.

New Zealand’s spy agency has been brought in to help fight back against cyberattacks that crippled the country’s stock exchange for a fourth straight day on Friday.

Finance Minister Grant Robertson said the Government Communications Security Bureau (GCSB) intelligence agency had joined efforts to contain the threat, which market operator NZX claimed was foreign-sourced but provided no further details.

“There are limits to what I can say about what action the government is taking behind the scenes due to significant security considerations,” Roberts told reporters.

“But we are aware of the impact this is having on the market and officials have been working with the NZX.

“Ministers have asked the GCSB to assist, and the National Cyber Security Centre within the GCSB are assisting.”

He added that the National Security System — which is intended to ensure a coordinated response between intelligence agencies and government during a crisis — had been activated.

“The GCSB’s capability is the thing that is in play here, they know a lot about cyberattacks,” he said. “We can apply that capability to a company (NZX) who obviously have a critical role.”

Experts have told local media that possible perpetrators include a state-sponsored incursion, online activists with an anti-capitalist agenda such as Anonymous, or a criminal enterprise seeking a ransom.

Asked if NZX had received a ransom request, Robertson replied: “I’m not aware of that, that’s something you’ll have to take up with GCSB.”

The GCSB declined to comment.

Regulators from the Financial Markets Authority (FMA) said the exchange had told it that investors’ data had not been compromised.

“In the circumstances, the FMA supports the decisions of NZX to halt trading, for periods where issuers are unable to release information to the market,” the agency said.

– ‘Wake-up call’ –

Sean Duca, a Sydney-based regional chief security officer at Palo Alto Networks, said the fact that top officials had activated the crisis plan showed the seriousness of the situation.

“The ramifications are not just significant to the financial sector, it’s more the fact that someone’s targeting something of national interest, that’s part of the country’s critical infrastructure,” he said.

Such infrastructure includes systems that provide essential services such as the electricity grid, communication networks and transport providers.

“Attacks like these are a bit of a wake up call to organisations… and maybe they say OK let’s do something now, Duca said.

Rizwan Asghar, of Auckland University’s school of computer science, said ‘denial of service’ (DDoS) attacks, which bombard systems with data requests or traffic, occurred regularly but were usually contained by the target’s security systems.

He was not aware of a critical piece of infrastructure such as NZX experiencing such comprehensive security failures over such a long period.

“On day one, I wasn’t surprised, these attacks are pretty common,” he told AFP.

“The second day I was surprised it was still happening, but having four days in a row. It’s very concerning that they can’t deal with this amount of attack traffic.”

Asghar said the source of DDoS attacks was hard to track because the culprits used vulnerable computers then wiped their activity logs, so even the owners may not know their machine had been used for illegal purposes.

He said the NZX outages showed the need for governments to build proper security into critical infrastructure systems before cyberattacks occurred.

“Often those things will happen and they’ll say ‘we need to get some security, but security is not an add-on, it’s not something you can plug and play right away,” he said.

“We need to invest in security and take a proactive approach, not just reactive.

Related: N.Zealand Freezes Assets of Alleged Russian Cyber Criminal

Related: Cyberattack Hits New Zealand Budget

Related: New Zealand Says Budget Leak Was Bungled, Not Hacked

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.