In a joint statement with Spark, NZX said yesterday it "experienced a volumetric DDoS (distributed denial of service) attack from offshore, which impacted NZX system connectivity".
"As such, NZX decided to halt trading in its cash markets at approximately [3.57pm]. A DDoS attack aims to disrupt service by saturating a network with significant volumes of internet traffic."
The statement added that the attack "was able to be mitigated and connectivity has now been restored for NZX".
Professor Dave Parry, Department of Computer Science at AUT, said it was a very serious attack on critical infrastructure in New Zealand.
"The fact that this has happened on a second day indicates a level of sophistication and determination which is relatively rare.
"A Distributed Denial of Service attack (DDoS) works by overloading traffic to internet sites e.g. web servers, etc. This means the web servers cannot service transactions normally and this is clearly a huge issue for a trading site where timing and assurance that transactions have completed are both critical."
Parry said that it is not an issue around New Zealand computers being vulnerable to security breaches, but "it is worth checking that anti-virus and security patches are up to date".
