NZ stock exchange halted by cyberattacks again

WELLINGTON (AFP) – New Zealand’s spy agency has been brought in to help fight back against cyberattacks that crippled the country’s stock exchange for a fourth straight day yesterday.

Finance Minister Grant Robertson said the Government Communications Security Bureau (GCSB) intelligence agency had joined efforts to contain the threat, which market operator NZX claimed was foreign-sourced but provided no further details.

“There are limits to what I can say about what action the government is taking behind the scenes due to significant security considerations,” Roberts told reporters. “But we are aware of the impact this is having on the market and officials have been working with the NZX.

“Ministers have asked the GCSB to assist, and the National Cyber Security Centre within the GCSB are assisting.”

He added that the National Security System – which is intended to ensure a coordinated response between intelligence agencies and government during a crisis – had been activated.

“The GCSB’s capability is the thing that is in play here, they know a lot about cyberattacks,” he said. “We can apply that capability to a company (NZX) who obviously have a critical role.”

The New Zealand Stock Exchange board is shown on the side of Jarden Building in Central Auckland. PHOTO: AP

Experts have told local media that possible perpetrators include a state-sponsored incursion, online activists with an anti-capitalist agenda such as Anonymous, or a criminal enterprise seeking a ransom.

Asked if NZX had received a ransom request, Robertson replied: “I’m not aware of that, that’s something you’ll have to take up with GCSB.”

The GCSB declined to comment.

Regulators from the Financial Markets Authority (FMA) said the exchange had told it that investors’ data had not been compromised.

“In the circumstances, the FMA supports the decisions of NZX to halt trading, for periods where issuers are unable to release information to the market,” the agency said.

Sean Duca, a Sydney-based regional chief security officer at Palo Alto Networks, said the fact that top officials had activated the crisis plan showed the seriousness of the situation.

“The ramifications are not just significant to the financial sector, it’s more the fact that someone’s targeting something of national interest, that’s part of the country’s critical infrastructure,” he said.

Such infrastructure includes systems that provide essential services such as the electricity grid, communication networks and transport providers.

“Attacks like these are a bit of a wake-up call to organisations… and maybe they say OK let’s do something now, Duca said.

Rizwan Asghar, of Auckland University’s school of computer science, said ‘denial of service’ (DDoS) attacks, which bombard systems with data requests or traffic, occurred regularly but were usually contained by the target’s security systems.