Daily Bulletin


  • Written by Dave Parry, Head of the Department of Computer Science, Auckland University of Technology

The Government Communications Security Bureau (GCSB) has issued a warning to all New Zealand businesses to be prepared for cyber attacks, following almost a week of daily attacks on the New Zealand stock exchange (NZX).

The attacks have caused outages, sometimes for hours, of NZX’s public-facing website since Tuesday last week. This week, it continued trading under a new arrangement that allows it to post information to alternative platforms.

The attacks are part of worldwide malicious cyber activity and the government will likely share information via Interpol and government-to-government links, including the intelligence alliance know as Five Eyes.

Creating millions of bots

The type of attack is known as a Distributed Denial of Service (DDoS). The attacker infects large numbers, often thousands or even millions, of computers with a virus that allows the attacker to instruct the infected computer - known as a “bot” - to send thousands of requests for data to the target.

Read more: Australia is under sustained cyber attack, warns the government. What's going on, and what should businesses do?

In effect, this means millions of attempts to access a website at the same time. The website being attacked can’t respond to each one quickly enough so either it simply stops responding or responds to some but not all data requests. Some people get the most up-to-date page and others don’t.

This is particularly damaging for financial information sites such as a stock market. They have a legal duty to give equal access to different users. They would normally shut down and stop trading for a while rather than allow some people to get information before others.

These attacks are not designed to steal data or do insider trading. They are generally set up to demand ransom from the victims, usually asking for thousands of dollars paid in bitcoin or another cryptocurrency which is effectively untraceable. Governments, terrorist organisations, political groups and even pranksters have also been known to use these attacks.

DDoS software is available on the dark web but also not very difficult to write. In many cases the people owning the bots will not be aware anything strange is happening.

The current attacks

Multi-day attacks have been rare but are becoming more common. The size of these attacks, including how many bots are used and their capacity to send requests, has been increasing.

Global map of cyber attacks. This map shows the number of global attacks on August 15. CC BY-SA

Such multi-day attacks are potentially risky for the attackers as the defence team will be analysing the attacks, often using artificial intelligence tools, and should be able to respond more quickly to block illegitimate requests.

The defence against such attacks is based on being able to cope with the large number of requests, either by moving the website to a cloud-based system that can increase capacity quickly, or identifying bot requests and filtering them out by setting up a “whitelist” of legitimate users and excluding others.

This is normally done by firewalls at the level of each attacked entity, the internet service provider or, as in the case of New Zealand, at a country’s electronic border (for example, the Southern Cross trans-Pacific network of communications cables).

If an attack is coming from inside New Zealand, security software on the bot computer can normally remove the infection with up-to-date anti-virus software. Internet service providers can also detect this activity and may warn users or disconnect the infected machine until it is cleaned. But in this case, the attacks are coming from outside New Zealand.

The COVID-19 pandemic means millions of people are working from home around the world, outside their normal corporate security, often using the family computer. Some people may be less careful about downloading software, particularly on illegal streaming sites, and may be using free or unsecured wifi networks. This makes infecting computers to turn them into bots much easier.

Read more: Why international law is failing to keep pace with technology in preventing cyber attacks

How to repond

Assuming this is a criminal gang, financial institutes are an attractive target. They rely on availability of service and potentially have money to pay ransoms.

In New Zealand, disaster management and recovery has tended to focus on responses to natural hazards rather than criminal activity. New Zealand does not have local cloud providers and expanding capacity is more difficult.

Even if NZX won’t pay a ransom, this attack is “advertising” for the criminal gangs that may act as “subcontactors” to larger criminal organisations.

The government’s aim will not be to catch the perpetrators in the short term but to share information on how to block the attacks. Normally the response is effective, but it can take some time to analyse details.

At the same time, other attacks (for example phishing to steal data) may use the confusion caused by the DDoS attacks to target potential victims. Organisations should encourage people to update their security software and remain vigilant.

In the future, as the internet of things (IoT) becomes more widespread, many billions of new devices will be connected to the internet. Security standards and forensic capability (storing data to analyse attacks) are not universal and there is a danger that these attacks will become more common and larger in scale.

But defence is possible and both technical and policy approaches are getting better. Artificial intelligence tools for rapidly analysing attacks are the focus of research.

Support for governments in vulnerable areas is also increasing to enforce international agreements, clarify local law and share information between network providers. For example, Macau recently introduced a much tougher cyber security law which seems to have been very effective.

Authors: Dave Parry, Head of the Department of Computer Science, Auckland University of Technology

Read more https://theconversation.com/nzs-cyber-security-centre-warns-more-attacks-likely-following-stock-market-outages-145320

Writers Wanted

Victoria and NSW are funding extra tutors to help struggling students. Here's what parents need to know about the schemes


The mystery of the blue flower: nature's rare colour owes its existence to bee vision


Curb population growth to tackle climate change: now that's a tough ask


The Conversation


Ray Hadley's interview with Scott Morrison

RAY HADLEY: Prime Minister, good morning.    PRIME MINISTER: G’day Ray.   HADLEY: I was just referring to this story from the Courier Mail, which you’ve probably caught up with today about t...

Ray Hadley & Scott Morrison - avatar Ray Hadley & Scott Morrison

Prime Minister's Remarks to Joint Party Room

PRIME MINISTER: Well, it is great to be back in the party room, the joint party room. It’s great to have everybody back here. It’s great to officially welcome Garth who joins us. Welcome, Garth...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Ben Fordham, 2GB

BEN FORDHAM: Scott Morrison, good morning to you.    PRIME MINISTER: Good morning, Ben. How are you?    FORDHAM: Good. How many days have you got to go?   PRIME MINISTER: I've got another we...

Scott Morrison - avatar Scott Morrison

Business News

Tips to find the best plastic manufacturing supplier for your needs

Plastics are very much an important part of all of our lives, but they’re particularly valuable to a wide variety of industries that rely on their production for their operations. The industries, ...

News Co - avatar News Co

7 foolproof tips for bidding successfully at a property auction

Auctions can be beneficial for prospective buyers, as they are transparent and fair. If you reach the limit you are willing to pay, you can simply walk away. Another benefit of an auction is tha...

Dominique Grubisa - avatar Dominique Grubisa

Getting Ready to Code? These Popular and Easy Programming Languages Can Get You Started

According to HOLP (History Encyclopedia of Programing Languages), there are more than 8,000 programming languages, some dating as far back as the 18th century. Although there might be as many pr...

News Co - avatar News Co

News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion