A series of distributed denial of service (DDoS) attacks extending over five days has roiled New Zealand’s stock exchange operator (NZX) with periodic outages, prompting the government to order one of its security bureaus to investigate and highlighting the worldwide, meteoric spike in ISP-related assaults.
On Monday August 31 local time, the Government Communications Security Bureau (GCSB) issued an advisory urging the nation’s businesses to take necessary precautions following the fifth day of outages hitting the NZX and other attacks on some media outlets, the New Zealand Herald reported. “NZX has been advised by independent cyber specialists that the attacks last week are among the largest, most well-resourced and sophisticated they have ever seen in New Zealand,” NZX chief executive Mark Peterson said.
The nation's National Security System that requires government agencies to work together has also been activated, Finance minister Grant Robertson said at a press conference. "There are limits to what I can say today about the action the government is taking behind the scenes due to significant security considerations," Robertson said. "We as a government are treating this very seriously."
DDoS attacks have skyrocketed in the first quarter of this year, according to Nexusguard’s Q1 2020 Threat Report. During the period, DDoS events rose more than 278 percent compared to Q1 2019 and more than 542 percent compared to the prior quarter. The COVID-19 pandemic and the heavy reliance on online services by remote workers has given rise to a spate of attacks meant to overwhelm ISPs.
While the New Zealand hackers have not been identified, ransom notes sent to some victims ahead of the attacks have suggested that the Russian sponsored Fancy Bear group could be behind the assaults. Last November, New Zealand’s Computer Emergency Response Team (CERT NZ) warned that hackers mimicking the Russian gang’s affiliated Cozy Bear were lining up local financial institutions for DDoS attacks. The threats were coming from state actors, criminal gangs and rogue hackers, officials said. Still, the government does not have any clues yet on who might be behind this latest cyber barrage, GCSB Minister Andrew Little told the New Zealand new site Stuff, which itself was hit by an unsuccessful attack.
In 2019, CERT NZ received 84 incident reports about DDoS attacks, the organization said. New Zealand is a member of the Five Eyes intelligence alliance, which also includes the U.S., U.K., Australia and Canada. The countries share cyber intelligence and have pledged, along with 22 other nations, to coordinate any response to cyber attacks.
