WELLINGTON: New Zealand’s stock exchange is battling to restore services after cyber attacks shuttered the market for a third straight day, frustrating investors who were unable to trade amid a busy company earnings season.
The NZ$204bil (US$135bil) market, which is nearing a record high, was unable to reopen yesterday after the exchange’s website was again hit with a distributed-denial-of-service attack that floods a network with Internet traffic and disrupts services. Officials have declined to speculate on the source of the attack, other than saying it’s coming from offshore.
“We continue to address the threat and work with cyber-security experts, ” exchange operator NZX said in a statement. “We are doing everything we can to resume normal trading tomorrow.”
The disruptions come at the worst possible time, with companies such as national carrier Air New Zealand reporting their first annual results since the outbreak of the coronavirus pandemic. Commerce Minister Kris Faafoi and the Financial Markets Authority have both been in touch with the exchange over the incidents. No internal systems have been compromised and trading information has not been breached, a spokesman for the regulator said.
Cyber-security experts appear baffled by the attacks, saying New Zealand isn’t typically a target and that it’s unclear whether the hackers are criminals or state-based actors.
The government’s cyber security agency CERT NZ said in November it had received reports of extortion emails targeting the financial sector. The emails claimed to be from a Russian group called “Fancy Bear/Cozy Bear” and demanded a ransom to avoid denial-of-service attacks. CERT declined to comment when contacted yesterday.
Brendan Thomas-Noone, a research fellow at the University of Sydney’s United States Studies Centre, who works on national security and technology issues, said such attacks were relatively unsophisticated and had become easier to conduct on a large scale, as they could be automated through the use of botnets.
While New Zealand “is not a high-profile target, ” the incident raised “question marks over how much experience” the country has in dealing with such attacks, he said.
The market lost an hour of trading on Tuesday and three on Wednesday. The benchmark S&P/NZX-50 index was up 0.2% at 12,053 when trading stopped yesterday at 11:09 a.m. in Wellington, closing in on a record high of 12,073.
“The timing is not ideal, ” said Michael De Cesare, a portfolio manager at Nikko Asset Management in Auckland.
“Fund managers generally will be looking to be more active in response to the substantial new information being released to market. So clearly the disruption constrains that ability.”
The attacks are impacting the NZX website, meaning investors without direct market access can’t see company announcements.
“Some investors cannot see results, creating an unfair advantage to others such as ourselves who have access to announcements, ” said Jeremy Sullivan, an investment adviser at brokerage Hamilton Hindin Greene in Christchurch.
“The market itself is actually still capable of operating and has been placed into halt because the website was down.”
Minister Faafoi is being kept updated on the situation and has spoken with the exchange, his spokesman said today.
“He has been advised it is working with its Internet service provider on a security solution and has asked to be kept informed, ” the spokesman said.
The exchange is yet to respond to Bloomberg News queries about what steps it’s taking to prevent further attacks and whether it has received any demands in conjunction with them. A spokesman wouldn’t say whether NZX was exchanging intelligence on the issues with other stock exchanges.
BSE Ltd, Asia’s oldest stock exchange, said in a statement it had reviewed its own preparedness in light of the attacks in New Zealand.
Australia’s ASX said it didn’t comment on cyber-related matters, while Japan’s exchange said it had “layers of security measures” in place to prevent operations being impacted by cyber attacks.
Korea’s stock exchange said its own website didn’t work for almost three hours on Wednesday after suffering from a DDoS attack. — Bloomberg
Did you find this article insightful?
100% readers found this article insightful