New Zealand Exchange Cyberattack Also Hit More Than 100 Firms Globally

Banks, insurers, and other financial firms worldwide were targets of the same attack that crippled the exchange in August.

Bloomberg

February 9, 2021

2 Min Read
The New Zealand Exchange building in Wellington, New Zealand. March 2020
The New Zealand Exchange building in Wellington, New Zealand. March 2020Hagen Hopkins/Getty Images

Yalman Onaran (Bloomberg) -- More than 100 banks, exchanges, insurers and other financial firms worldwide were targets of the same type of cyberattack that crippled the New Zealand Stock Exchange in August, though they didn’t suffer the same extent of damage.

Most companies responded to the attacks with increased spending on cybersecurity, including hiring outside help, according to the Financial Services Information Sharing & Analysis Center, a network of financial firms sharing information about cyber threats. Trading at the New Zealand exchange was halted for four days when the DDoS attack -- short for distributed denial of service -- overwhelmed its network with traffic.

“Once we realized this was a concerted campaign and started alerting all our members, they were able to defend themselves more effectively, showing the power of information-sharing in today’s cyber threat environment,” said Jerry Perullo, chief information security officer of Intercontinental Exchange Inc. and chairman of FS-ISAC. The group declined to identify the firms that were attacked.

Banks, brokers, insurers and other firms have ramped up spending on cybersecurity for at least four years as services move online and attacks escalate. Cyber spending jumped 15% last year, which equates to almost $1 billion for each of the largest U.S. banks. Most financial firms expect cyber spending to rise further this year, according to a Deloitte survey published in November.

The targeted firms all received some form of payment demand to avoid the attacks. Some missed the ransom emails, only to find them in junk-mail folders after being alerted by FS-ISAC. Though the notes were sometimes signed by known North Korean or Russian groups, the perpetrators haven’t been identified.

No member firm of the information-sharing network paid a ransom, according to Teresa Walsh, head of intelligence at FS-ISAC. Many saw the deadline given by the perpetrator pass without incident, while a few experienced heavy attacks. The worst damage, other than NZX, was a few minutes of down time for those firms, she said.

Read more about:

Asia-Pacific
Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like