CASE STUDY - The Massive DDoS Attack on New Zealand Exchange(DISCUSSION)

Discussion

According to findings, the main reason why the NZX had a hard time with the attack was mainly related to the DNS nameservers it had. The NZX only had two DNS nameservers sitting on one IP space which was highly affected by the intense attacks(Ayers, 2020).To avoid such issues, it is vital that DNS servers are made to be robust and diverse, spreading across the internet. According to Ayers, the two nameservers the NZX had did not have good DDoS protection and that this protection did not protect anything at all which made it difficult for the NZX to bring their website back online. Having nameservers provided or hosted by cloud providers or CDN services is the best way to protect against such attacks(Ayers, 2020). In an interview, it was also mentioned by Ayers that owning a portable address space is preferable. The NZX did not have their own allocation of IP space which did not allow them to react quickly. If they did have on they could have easily reacted to the attack by either changing the internet connection point or signing up for DDoS protection.

The NZX did not even explain the reason for the occurrence of this situation, and the full details regarding this incident were obviously held with high confidentiality, hence why the study is quite limited.




Reference(s):

Ayers, D., (2020). New Zealand Exchange's Massive Ddos Attack: What Went Wrong?. [online] Bankinfosecurity.com. Available at: <https://www.bankinfosecurity.com/new-zealands-massive-ddos-attack-what-went-wrong-a-14980> [Accessed 28 November 2020].