The New Zealand stock exchange (NZX) has been the victim of a Distributed Denial-of-Service (DDoS) attack that has forced it to shut down. Twice over the past 48 hours, NZX has been forced to halt all trading due to these attacks. A DDoS attack, in its simplest terms, is a resource exhaustion attack in which an attacker uses a botnet to flood the network with more traffic than it is designed to handle. While NZX hasn’t named the threat actor or the method used to launch the DDoS attacks, there is a large chance that an attacker used a DDoS-for-hire service. Law enforcement agencies across the globe are actively trying to shut down these services and track down the originators and users of these services. A report from Kaspersky Labs estimates the cost of these attacks to be around $120,000 each for small businesses and over $2 million for large organizations.
Analyst Notes
The most difficult part of defending from DDoS attacks is differentiating between legitimate and illegitimate traffic. One solution to mitigate an attack is by creating a “black hole” route which sends all traffic to a null route, or black hole, to drop all traffic from the network after an attack is detected. Another method is through rate-limiting. Rate-limiting is simply limiting the number of server requests over a specified amount of time. There are other methods of mitigation, but these are the simplest. The counterintelligence team at Binary Defense can also help by searching for any mentions of an organization on forums where cyberattackers discuss their plans and alert our partners to these threats before they happen.
Source article: https://www.bleepingcomputer.com/news/security/new-zealand-stock-exchange-halted-trading-after-ddos-attacks/
