At the end of August, a series of cyberattacks on the New Zealand Stock Exchange over five consecutive days forced it to halt trading for a number of hours for four out of those five days.
The attacks raised questions about the stock exchange’s security, as well as the threat actors’ underlying motives. And the outlook is not good for other stock markets.
“This was a series of distributed denial of service (DDoS) incidents, in which threat actors disrupted the normal traffic to the enterprise by overwhelming the target with a flood of internet traffic at volumes that the system just couldn’t handle,” says Risna Steenkamp, general manager for ESM at distributor Networks Unlimited Africa.
“In financial services terms, the New Zealand Stock Exchange is a relatively small stock exchange. There is, however, speculation that, besides the possibility of stock manipulation on the exchange itself, this may have been a ‘practice run’ for an attack on a much bigger global stock exchange in the current volatile market conditions.
“The attacks serve as a caution to any business, reminding us that threat actors never stop looking for opportunities. It is imperative to provide security for both the first and last lines of defence in your organisation.”
At the end of June, Netscout, a provider of service assurance, security, and business analytics, had observed around 4.6-million DDoS attacks worldwide. In comparison, 2019’s total for the whole year was around 8.4 million attacks. Nescout noted that “if the increased cadence of attacks seen during the onset of the Covid-19 virus pandemic continues, we anticipate a statistically-significant increase in DDoS attacks for 2020 as a whole”.
Steenkamp says: “As the number of DDoS attacks continues to grow globally, as well as the different types of attacks, DDoS detection, prevention and mitigation has become a critical element of security for IT professionals, in order to ensure business continuity even when under attack.
“Security teams need best-of-breed cybersecurity solutions that can detect and stop all types of cyber threats – both entering and leaving their networks. These solutions must be able to integrate into an organisation’s existing security stack.”
Netscout Arbor Edge Defense (AED) works to stop inbound threats as well as outbound communication from internal compromised hosts, in this way essentially acting as the first and last line of defence for organisations.
This is facilitated by its position on the network edge, between the router and the firewall; its stateless technology that blocks cyber threats (each interaction request is handled based entirely on information that comes with it); and the continuous threat intelligence it receives from Netscout’s Atlas Threat Intelligence.
“Netscout Arbor Edge Defense also provides DDoS protection for attacks of up to 40 Gbps in bandwidth volume,” says Steenkamp. “Its additional capability of blocking threats that emanate from inside an enterprise, such as botnet traffic and connections to known bad URLs, means that the organisation is able to block outbound communication from compromised internal devices to attacker command and control infrastructure, to stop the proliferation of attacker and malware within your organisation, and ultimately avoid a data breach.”