Business Continuity Management / Disaster Recovery , DDoS Protection , Governance & Risk Management

New Zealand Exchange's Massive DDoS Attack: What Went Wrong?

Daniel Ayers Says Redundancy, Diversity Are Keys to Risk Mitigation
IT security consultant Daniel Ayers

New Zealand’s stock exchange, NZX, fell under a massive distributed denial-of-service attack at the end of August that was part of an extortion attempt.

See Also: Top Ten Considerations When Choosing a Modern Single Sign-On Solution

The DDoS attack didn’t affect the exchange's trading engine, but NZX was forced to shut it down because it couldn’t publish public announcements on its website, which was directly under attack. NZX battled against the attacks with its service provider, Spark, for days and scrambled to secure strong DDoS mitigation services (see New Zealand Stock Exchange Trades Again After DDoS).

While NZX hasn’t provided a postmortem, some of the roots of the problem are clear, says Daniel Ayers, a New Zealand-based IT security and cloud consultant. NZX at one time had just two Domain Name System nameservers on one IP space, and they were easily crushed under the intensity of the attacks.

“It’s really important to make sure that your DNS servers are robust and diverse – spread around the internet,” Ayers says.

NZX’s two nameservers also lacked adequate DDoS protection, which left NZX in a high-pressure situation to bring its main website back online.

“The best way to protect against that is to have nameservers that are provided by or hosted by large cloud providers or CDN services,” Ayers says.

In this video interview (see link below photo), Ayers discusses:

  • Why NZX struggled for days to bring its main website back online;
  • How companies should judge their risk of falling under DDoS;
  • Why having a portable IP space can offer more flexibility when under a DDoS attack.

Ayers is a New Zealand-based IT consultant with expertise in computer forensics, networking and security. He has testified in Australian and New Zealand courts on IT and computer forensic topics. He previously was head of engineering at Strasmore Inc. and director of Special Tactics Ltd., which specializes in digital forensics and IT security consulting.

About the Author

Jeremy Kirk

Jeremy Kirk

Managing Editor, Security and Technology, ISMG

Kirk is a veteran journalist who has reported from more than a dozen countries. Based in Sydney, he is Managing Editor for Security and Technology for Information Security Media Group. Prior to ISMG, he worked from London and Sydney covering computer security and privacy for International Data Group. Further back, he covered military affairs from Seoul, South Korea, and general assignment news for his hometown paper in Illinois.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.