CASE STUDY - The Massive DDoS Attack on New Zealand Exchange(INTRODUCTION)

 Introduction 

                                                                                                 (BBC, 2020)

As reported by Farrer(2020): "during August this year, New Zealand’s stock market has been interrupted by an overseas cyber attack for two days which led to the halting of the market". This attack was an attempted extortion by launching a massive distributed denial-of-service attack on the NZX(Kirk, 2020).
The DDoS attack on the New Zealand Exchange had an impact on the NZX network connectivity which led to the halting of the market(BBC,2020). A Distributed Denial of Service attack, or DDoS in short, is an attack which attempts to crash online-servers and systems by flooding or overwhelming it with data(Petters,2020). Such attacks normally work by flooding a system with requests which then leads to the overwhelming of the internet bandwidth, CPU and RAM capacity(Hulme, 2020).
These attacks are mainly classified into three classes:
1. Volume-based attacks: Overwhelms resources such as websites using huge amount of fake traffic(Hulme, 2020).
2. Protocol/Network-Layer attacks: Sends massive amounts of packets to targeted network infrastructures(Hulme, 2020).
3. Application-Layer attacks: Flooding applications using malicious requests(Hulme, 2020).

                                                                   (Authors' work)

Below is a screenshot taken from the digitalattackmap site on the 25th of November 2020 showing the DDoS attacks occurring worldwide.

                                                                         (ARBOR, 2020)

The aim of this case study is to explain the reason on why the NZX struggled to bring their main website back up, explain the risk of such attacks and the reason on why this occurred, from a digital forensics perspective.




Reference(s):

bbc, (2020). [image] Available at: <https://ichef.bbci.co.uk/news/800/cpsprodpb/11333/production/_114115407_gettyimages-168439168.jpg> [Accessed 23 November 2020].

Hulme, G., 2020. Ddos Explained: How Distributed Denial Of Service Attacks Are Evolving. [online] CSO Online. Available at: <https://www.csoonline.com/article/3222095/ddos-explained-how-denial-of-service-attacks-are-evolving.html> [Accessed 24 November 2020].

Farrer, M., (2020). New Zealand Stock Exchange Hit By Cyber Attack For Second Day. [online] theguardian. Available at: <https://www.theguardian.com/technology/2020/aug/26/new-zealand-stock-exchange-hit-by-cyber-attack-for-second-day> [Accessed 23 November 2020].

Kirk, J., (2020). New Zealand Exchange's Massive DDoS Attack: What Went Wrong?. [online] Bankinfosecurity.com. Available at: <https://www.bankinfosecurity.com/new-zealands-massive-ddos-attack-what-went-wrong-a-14980> [Accessed 23 November 2020].

ARBOR, (2020). Digital Attack Map. [online] Digitalattackmap.com. Available at: <https://www.digitalattackmap.com/> [Accessed 24 November 2020].