NZ Stock Exchange DDoS Attacks Remind Enterprises to Check Defence Security

65
Risna Steenkamp, General Manager: ESM Division at Networks Unlimited Africa

At the end of August, a series of cyberattacks on the New Zealand Stock Exchange over five consecutive days forced it to halt trading for a number of hours for four out of those five days. The attacks raised questions about the stock exchange’s security, as well as the threat actors’ underlying motives.

“This was a series of distributed denial of service (DDoS) incidents, in which threat actors disrupted the normal traffic to the enterprise by overwhelming the target with a flood of internet traffic at volumes that the system just couldn’t handle,” explains Risna Steenkamp, General Manager: ESM at value-added distributor Networks Unlimited Africa.

“In financial services terms, the New Zealand Stock Exchange is a relatively small stock exchange. There is, however, speculation that, besides the possibility of stock manipulation on the exchange itself, this may have been a ‘practice run’ for an attack on a much bigger global stock exchange in the current volatile market conditions. At any rate, the attacks serve as a caution to any business, reminding us that threat actors never stop looking for opportunities. It is imperative to provide security for both the ‘first’ and ‘last’ lines of defence in your organisation.”

At the end of June, NETSCOUT, a provider of service assurance, security, and business analytics, had observed around 4.6 million DDoS attacks worldwide. In comparison, last year’s total for the whole of 2019 was around 8.4 million attacks.


NETSCOUT noted that: “…if the increased cadence of attacks seen during the onset of the Covid-19 virus pandemic continues, we anticipate a statistically-significant increase in DDoS attacks for 2020 as a whole.”

Steenkamp comments, “As the number of DDoS attacks continues to grow globally, as well as the different types of attacks, DDoS detection, prevention and mitigation has become a critical element of security for IT professionals, in order to ensure business continuity even when under attack.”

“Security teams need best-of-breed cybersecurity solutions that can detect and stop all types of cyber threats – both entering and leaving their networks. These solutions must be able to integrate into an organisation’s existing security stack.”

NETSCOUT Arbor Edge Defense (AED) works to stop inbound threats as well as outbound communication from internal compromised hosts, in this way essentially acting as the first and last line of defence for organisations.

This is facilitated by its unique position on the network edge, between the router and the firewall; its stateless technology that blocks cyber threats (each interaction request is handled based entirely on information that comes with it); and the continuous threat intelligence it receives from NETSCOUT’s ATLAS Threat Intelligence.

“NETSCOUT Arbor Edge Defense also provides DDoS protection for attacks of up to 40 Gbps in bandwidth volume,” clarifies Steenkamp. “Its additional capability of blocking threats that emanate from inside an enterprise, such as botnet traffic and connections to known bad URLs, means that the organisation is able to block outbound communication from compromised internal devices to attacker command and control infrastructure, to stop the proliferation of attacker and malware within your organisation, and ultimately avoid a data breach.”

NETSCOUT Arbor Edge Defense is deployed in an enterprise network as either a physical or virtual appliance. It also benefits from the larger NETSCOUT Arbor cloud resources for larger-scale DDoS mitigation.

Staff writer