Join our subscribers
New Zealand activates security services as DDoS outage enters fourth day
Friday, August 28, 2020
Immuniweb founder and CEO Ilia Kolochenko floated the idea that the attack on NZX may be something of a dress rehearsal for a larger attack against a more prominent target, such as the NASDAQ or London exchanges.
“I don’t think that major cyber gangs have their own interest in, or were hired by someone, to conduct a DDoS capable of repeatedly shutting down NZX [when] even a daily outage of NYSE can lead to multibillion losses around the globe,” he said.
“Unfortunately, not much can be done to prevent large-scale and well-prepared DDoS attacks today. During the pandemic, the average price of bots used for DDoS has fallen and will probably become even more affordable.
“When millions of devices suddenly start a massive attack, it’s a question of network capacity, not network security. We witnessed many examples in the past, when even the largest DDoS protection companies ceased protecting some of their clients under exceptionally large DDoS and gave up.
“Web applications and APIs [application programming interfaces] should, however, be regularly audited for business logic and architectural security flaws that may consume all CPU/RAM and greatly facilitate a DDoS attack.”
The attack on NZX is understood to have originated offshore, according to Spark, the exchange’s network service provider, but further details of its origin are thin on the ground. Read Full Article
CPO Magazine: Ritz Hotel Data Breach Allowed Scammers to Make Expensive Purchases With Stolen Credit Card Information
BankInfoSecurity: DDoS Attacks Shut Down New Zealand Stock Exchange
