New Zealand Stock Market Halts Trading Amid Cyber Attack

Risky Business


Trading on the New Zealand Stock Exchange has. been halted for like a week because, of Adidas, attack and this was this attack was already happening before adamant I recorded last week shy but we didn't talk about it at the time because we weren't sure what the motivation was. The Cross Church massacre terrorist was sentenced last week. So we thought they could have been a political nexus to the attack, but now it looks like fairly standard. Diaz ransom stuff. Standard. Blackmail. But at a pretty big scale, two, hundred gigabits per second is what is saying that they're tapping? At End. Up Pretty significant target the New Zealand Stock Exchange. This is a little bit risky just like the ransomware people who are going after critical national assets things like hospitals where people are GonNa die I think these guys are playing with fire New Zealand's got a pretty serious Intel capability vice country and I wouldn't be shocked if doing things like going after the Stock Exchange ends up with these guys in the real crosshairs. Yes. are able to take down the part of the ends at X. Website that dealt with company announcements and because they couldn't provide. Appropriate access to company information they had to suspend trading, and it's been up and down all week. So it is actually a pretty it is actually a pretty big deal. This one it looks like this is the same crew may be that was pretending to be Russians like a couple of years while pretending to be like fancy bed, we offensive s and is your bitcoins and that was making some people on the receiving end of those emails feel very important for for a time. Ego boost that you give to your victims but yeah, I, don't think this is how the G. R. U. is monetize their activity. No, and it looks like one of the issues here was that ends at was hosting its DNS servers and its content service on the same network, which is usually a good thing to do. We keep on saying this is a very important pieces of infrastructure where people have not thought through and threat model that. Looks like and and I do think you know any organization of reasonable size needs to have security assessments that don't just try to break in into look at traditional intrusion but to think through if dos attack happens, what is the the thin part of your infrastructure? That's GonNa feel I. This is really interesting because you know obviously most of the exchanges probably disconnect from the Internet on private networks on leased. Lines in such But like you said, if they can take down a web service and a website that is critical to the legal operation of the site, then does it matter if the backend servers still operating they have to stop operation overall? Yeah. This attack campaign is also targeting money Graham braintree and other finance services companies, and we have linked through to a write up on zd by Cowan Kim

Coming up next