On Friday, trading resumed at New Zealand’s stock exchange following offshore Distributed Denial Of Service (DDoS) offshore cyber attacks for four consecutive days.
In a statement, the government said, national security systems had been activated to support the bourse.
While the origin of the “offshore” DDoS attack is being investigated, the failure to stop the attacks has raised questions about New Zealand’s security systems, said experts.
NZX Ltd halted trading until Friday afternoon, with computer systems crashing due to network connectivity issues, marking the fourth consecutive day that trading has been hit.
In a statement, Finance Minister Grant Robertson said, the Government Communications Security Bureau and the national agency fighting cyber crime have been called to help the bourse.
“I can’t go into much more in terms of specific details other than to say that we as a government are treating this very seriously,” said Robertson in a media briefing in Wellington.
“The DDoS attacks forced NZX to halt trading in its cash markets, disrupting operations in its debt market, Fonterra Shareholders Market and derivatives market.” said experts.
“Four days in a row is becoming frustrating and quite disruptive,” said Jeremy Sullivan, an investment adviser at brokerage Hamilton Hindin Greene.
While activity at the bourse is very low, institutional dealers are being able to put through “negotiated trades” by talking to each other directly, said Sullivan.
“The market’s physically capable of running, they’ve put it in a halt so that people aren’t disadvantaged with the website being down, which has material information on it.”
NZX’s main board, debt market and Fonterra Shareholders’ Market resumed trading at 1:00 p.m (0100 GMT).
After the crash earlier on Friday, NZX had said it had been “experiencing connectivity issues which appear similar to those caused by severe DDoS attacks from offshore this week”; while not divulging any details on the source or the impact of the attack.
“We can see the internet traffic was coming through the global gateway, therefore we know it originated offshore, but it’s near impossible to identify where it originated from,” said Spark, a network service provider.
In a statement, New Zealand’s central bank said, cyber attacks could potentially wipe out around 2-3% of the profits of the banking and insurance industries.
“The first attack can happen anytime. But being attacked four days in a row raises some questions,” said Rizwan Asghar, a senior lecturer at the School of Computer Science, University of Auckland. He went on to add, “The real question is what are the resources allocated and threshold set for protecting against these attacks?”