Home Finance NZ’s cyber security attacks

NZ’s cyber security attacks

Author

Date

Category

NZ’s cyber security centre warns more attacks likely following stock market outages

By Dave Parry, Head of the Department of Computer Science, Auckland University of Technology

The Government Communications Security Bureau (GCSB) has issued a warning to all New Zealand businesses to be prepared for cyber attacks, following almost a week of daily attacks on the New Zealand stock exchange (NZX).

The attacks have caused outages, sometimes for hours, of NZX’s public-facing website since Tuesday last week. Today it continued trading under a new arrangement that allows it to post information to alternative platforms.

The attacks are part of worldwide malicious cyber activity and the government will likely share information via Interpol and government-to-government links, including the intelligence alliance know as Five Eyes.

Creating millions of bots

The type of attack is known as a Distributed Denial of Service (DDoS). The attacker infects large numbers, often thousands or even millions, of computers with a virus that allows the attacker to instruct the infected computer – known as a “bot” – to send thousands of requests for data to the target.

In effect, this means millions of attempts to access a website at the same time. The website being attacked can’t respond to each one quickly enough so either it simply stops responding or responds to some but not all data requests. Some people get the most up-to-date page and others don’t.

This is particularly damaging for financial information sites such as a stock market. They have a legal duty to give equal access to different users. They would normally shut down and stop trading for a while rather than allow some people to get information before others.

These attacks are not designed to steal data or do insider trading. They are generally set up to demand ransom from the victims, usually asking for thousands of dollars paid in bitcoin or another cryptocurrency which is effectively untraceable. Governments, terrorist organisations, political groups and even pranksters have also been known to use these attacks.

DDoS software is available on the dark web but also not very difficult to write. In many cases the people owning the bots will not be aware anything strange is happening.

The current attacks

Multi-day attacks have been rare but are becoming more common. The size of these attacks, including how many bots are used and their capacity to send requests, has been increasing.

This map shows the number of global attacks on August 15. CC BY-SA

Such multi-day attacks are potentially risky for the attackers as the defence team will be analysing the attacks, often using artificial intelligence tools, and should be able to respond more quickly to block illegitimate requests.

The defence against such attacks is based on being able to cope with the large number of requests, either by moving the website to a cloud-based system that can increase capacity quickly, or identifying bot requests and filtering them out by setting up a “whitelist” of legitimate users and excluding others.

This is normally done by firewalls at the level of each attacked entity, the internet service provider or, as in the case of New Zealand, at a country’s electronic border (for example, the Southern Cross trans-Pacific network of communications cables).

If an attack is coming from inside New Zealand, security software on the bot computer can normally remove the infection with up-to-date anti-virus software. Internet service providers can also detect this activity and may warn users or disconnect the infected machine until it is cleaned. But in this case, the attacks are coming from outside New Zealand.

The COVID-19 pandemic means millions of people are working from home around the world, outside their normal corporate security, often using the family computer. Some people may be less careful about downloading software, particularly on illegal streaming sites, and may be using free or unsecured wifi networks. This makes infecting computers to turn them into bots much easier.

Previous articleOh how unfair!
Next articleHave Your Say

5 COMMENTS

  1. I get bursts of unsolicited emails about a bitcoin account I never sought, gambling accounts set up for me, cash owing on freight I never ordered before delivery can happen, automated phone calls requiring a button push to contact the dirtbag involved……

    All just an irritation and reporting stuff to spam.govt.nz or to Microsoft consistently seemingly does not cure the problem.

    It would be nice to think there are volumes from some sources that an internet provider or phone system could detect as unsolicited nuisance material and deal with in the interests of retaining customers. It would be nice to think spam.govt.nz could nail and dispose of the garbage that is infesting they email system.

    Maybe privacy issues are deemed to get in the way of progress. At least the crap I have reported could be dealt with as I am sure the volume must be sufficient to attract attention and enable the scum responsible to be blocked and dealt with.

    2

    0

Recent posts

Ultra-Processed Food

How Ultra-Processed Food May Affect Your Brain Written by BBC The way ultra-processed foods may affect the brain has caused concern among some health experts. They...

Vaccine Anyone?

Vaccinated people found to be 600% more likely to die from covid "variants" than unvaccinated people BY ETHANH Those who have been injected for the Wuhan...

Tesla Inventions That Changed The World

Seven Nikola Tesla Inventions That Changed The World   165 years ago, on July 10, 1856, the Serbian-American engineer and inventor Nikola Tesla was born. The...

Everyone Is Part Of Huge Experiment

Moderna Rep Admits Everyone Is Part Of Huge Experiment   In the featured video, which aired June 22, 2021, independent reporter Stew Peters plays an audio...

Recent comments

Bon on Have Your Say
Bon on Have Your Say
nasska on Have Your Say
Braybots nemesis on Have Your Say
Lizziep on Have Your Say
Lizziep on Have Your Say
waikatogirl on Have Your Say

The way we all feel about this useless government

Hamilton
clear sky
15.2 ° C
17 °
14.8 °
75 %
1.3kmh
5 %
Sat
15 °
Sun
14 °
Mon
15 °
Tue
14 °
Wed
14 °
NZD - New Zealand Dollar
USD
1.4340
EUR
1.6880
AUD
1.0561
CAD
1.1412
GBP
1.9725
JPY
0.0130
CNY
0.2212
INR
0.0193