A distributed denial-of-service attack may not be sophisticated, but it sure is effective.
That much was made repeatedly clear this week, as the New Zealand stock exchange, NZX, was forced to temporarily halt trading in cash markets twice over two days. At fault, according to two statements from the exchange, were two DDoS attacks.
“Yesterday afternoon NZX experienced a volumetric DDoS (distributed denial of service) attack from offshore via its network service provider, which impacted NZX network connectivity,” read the first Aug. 26 statement.
A second statement, later in the day, made clear that whoever was behind the attack was not going away.
“This morning NZX experienced a further disruption similar to yesterday’s related to a DDoS (distributed denial of service) attack,” explained the second Aug. 26 statement. “As such, NZX decided to halt trading in its cash markets at approximately 11.24am.”
Trading stayed down for over three hours on Wednesday, as a result of the second attack.
It is not immediately clear who is responsible for the attack, nor what their motivations are. In conversation with Radio New Zealand, Auckland University of Technology computer science professor Dave Parry spoke to the relative ease of carrying out this type of action.
“Unfortunately, the skills and software to do this are widely available,” he explained, “and the disruption of COVID and people working from home all over the world potentially with lower security on their computers means that these attacks are easier than usual.”
Notably, Radio New Zealand reports New Zealand’s Minister of Commerce and Consumer Affairs Kris Faafoi as stating that the attack did not seem to be the work of a state actor.
Whether that fact is supposed to make anyone feel better, or worse, is unclear.