Following four straight days of disruption, New Zealand’s stock exchange began trading again on Friday.
The country’s bourse has been hobbled by two “offshore” cyber attacks this week with its national security systems deployed to act as a support mechanism, Reuters reported.
On Tuesday and Wednesday, Wellington’s NZX was hit by a distributed denial of service – known as a DDoS – attack. These attacks typically try to overwhelm a company’s servers by routing high levels of traffic through it, forcing it to crash.
On its return to trading today, the $135bn stock exchange was also hit by connectivity issues that disrupted early activity. “We are currently experiencing connectivity issues which appear similar to those caused by severe DDoS attacks from offshore this week,” NZX said.
New Zealand finance minister Grant Robertson said the government had called in both the Communications Security Bureau and the national cyber crime fight agency to assist the exchange.
In a media briefing in Wellington Mr Robertson was scant on further details around the attacks but insisted the event was being taken “very seriously”.
New Zealand’s cash markets as well as its debt and derivatives markets and its Fonterra Shareholders Market were all disrupted by the attacks.
“Four days in a row is becoming frustrating and quite disruptive,” said Jeremy Sullivan, an investment adviser at brokerage Hamilton Hindin Greene in Christchurch.
Mr Sullivan said that activity remained low but that institutional deals were still able to process negotiated trades through the market.
Tech site ZDnet reported that the New Zealand stock exchange was one of a range of recent victims of DDosS attacks by criminal groups that brand themselves as Armada Collective and Fancy Bear. The origin of the attackers is not yet known, but they appear to be using monikers associated with several infamous hacking collectives, according to security researchers Akami.
Fancy Bear are allegedly linked to Russian nation state level hacking and most famously were responsible for hacking the Democratic Party ahead of the 2016 US elections.
Transfer service MoneyGram, YesBank India, Worldpay, PayPal, Braintree, and Venmo have all reportedly been hit by similar attacks.
It was reported that the attacks are typically a form of extortion, where hackers will call off the DDoS if they’re paid a certain amount in bitcoin.