DDoS attacks NZ: What are they and should you be concerned?
As you may be aware, the New Zealand Stock Exchange (NZX) experienced multiple “distributed denial of service” (DDoS) attacks last week, resulting in extended periods of business disruption. In this article, we explain what a DDoS attack is and whether it’s something you should be concerned about. We’ll also outline what measures can help protect your business against cyber-attacks like this one.
What is a DDoS attack?
A DDoS attack works by overwhelming a website (or service) with a flood of network traffic. The targeted website or service either cannot be accessed by genuine users or crashes completely. If the target is high-profile enough, hackers may also put forward a ransom demand – and, if not paid, will continue the flood the organisation with network traffic.
Why was the NZX targeted?
One theory is that overseas hackers are targeting banking, financial, and retail businesses around the world. According to Professor Dave Parry in an interview with RNZ, it appears that cyber-criminals may be using New Zealand to showcase their hacking abilities on a range of unprotected sites. They generally make money from contracting their skills out to other criminals, so this serves them well.
NZX is the most high-profile target, but other organisations have been targeted too, including Stuff, RNZ, banks, and even the Met Service.
It’s important to note that a DDoS attack costs the attackers money to organise. So far, all recent attacks have been fought off successfully, leaving the attackers out of pocket – and with the NZ Security Intelligence Service now investigating their trail. This means that ongoing risk of this type of attack is unlikely to be high.
What you should have in place
This type of cyber-attack isn’t new, nor is it particularly sophisticated, but it is something to be aware of. Ideally, to prevent cyber-attacks, your business should have:
Network behaviour analysis software installed on your website. This will notify you of any sharp increase in website traffic or bandwidth usage and can block any anomalies so that genuine traffic can get through.
A security-breach response plan to help you respond to and recover from a security incident.
A threat-intelligence feed detailing any potential threats. Sources of threat-intelligence data include free indicator feeds, (such as the security subscription offered by cert.govt.nz) paid feeds, bulletins, internal intelligence gathering, and strategic partnerships.
Should you be worried?
If you rely on your website or a web application for a major part of your business, this type of threat will be more of a concern for you. Be sure that you are protected from such an attack.
For example, if you run an e-commerce website, if your website is your main source of leads, or if you have a web-based help desk/live chat service, you will experience a disruption to services and/or sales if you are successfully targeted by a DDoS attack.
If your business doesn’t rely heavily on any of the above, consider whether you rely on any third-party web applications (such as Xero, CRM applications, or similar SaaS products) to operate your business.
We recommend that you get in touch with those vendors and confirm what security policies they have in place to protect themselves – and you – from such an attack.
We provide DDoS protection and can advise you on the best solution for your company’s needs. If you are concerned about your website security, contact us. Please note that we are unable to provide protection for third-party applications.