Total Tests:

New Zealand activates security services as DDoS outage enters fourth day

By Alex Scroxton for ComputerWeekly
Friday, August 28, 2020

Immuniweb founder and CEO Ilia Kolochenko floated the idea that the attack on NZX may be something of a dress rehearsal for a larger attack against a more prominent target, such as the NASDAQ or London exchanges.

“I don’t think that major cyber gangs have their own interest in, or were hired by someone, to conduct a DDoS capable of repeatedly shutting down NZX [when] even a daily outage of NYSE can lead to multibillion losses around the globe,” he said.

“Unfortunately, not much can be done to prevent large-scale and well-prepared DDoS attacks today. During the pandemic, the average price of bots used for DDoS has fallen and will probably become even more affordable.

“When millions of devices suddenly start a massive attack, it’s a question of network capacity, not network security. We witnessed many examples in the past, when even the largest DDoS protection companies ceased protecting some of their clients under exceptionally large DDoS and gave up.

“Web applications and APIs [application programming interfaces] should, however, be regularly audited for business logic and architectural security flaws that may consume all CPU/RAM and greatly facilitate a DDoS attack.”

The attack on NZX is understood to have originated offshore, according to Spark, the exchange’s network service provider, but further details of its origin are thin on the ground. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential