BeFunky-collage (2) (1)

BusinessAugust 26, 2020

New Zealand’s stock exchange may be under attack from Russian cyber gangs

Guest writer
BeFunky-collage (2) (1)

The NZX was taken offline yesterday and today in response to cyber attacks – potentially from Russian gangs.

What’s all this then?

For the second time in two days, the New Zealand stock exchange NZX was taken offline late this morning in response to offshore cyber attacks. The exchange went down around 11.20am this morning and came back online an hour later 12.20pm only to go offline again around 1.20pm.

For much of the afternoon a message on the website said the exchange was experiencing network connectivity issues and some trading had been halted.

According to an NZX spokesperson, the exchange is working with its network service provider Spark to address the issue.

“It appears that this is similar to yesterday’s issue,” the spokesperson said. “Late Tuesday, the exchange was hit by a DDoS (distributed denial of service) attack that swamped its servers.”

What’s a DDoS?

After the first attack which forced trading to halt at 4pm on Tuesday, the NZX and Spark issued a joint statement explaining that it had been subject to a DDoS attack.

“A DDoS attack aims to disrupt service by saturating a network with significant volumes of internet traffic. The attack was able to be mitigated and connectivity has now been restored for NZX.”

According to Professor Dave Parry of AUT’s department of computer science, the fact that the attack happened over multiple days indicates a high level of sophistication and determination.

“This means the web servers cannot service transactions normally and this is clearly a huge issue for a trading site where timing and assurance that transactions have completed are both critical.

“Attackers normally infect large numbers of ‘innocent’ computers with malware, turning them into ‘bots’ that can be instructed to keep trying to access the affected site. It’s like large numbers of people all shouting at you at once – you can’t distinguish the real messages from the false ones.”

Parry said there are two options for NZX to deal with the DDoS: shutting down the “bots” by getting users to update security patches and delete the malware or by blocking the IP addresses of the bot machines with a firewall so that the NZX site doesn’t have to deal with them.

It’s unclear at this stage how the NZX has chosen to deal with today’s attack while it has shut down its operations.

What is the point of the attack?

While it’s uncertain what the motives were behind the attacks, there are many reasons why cyber criminals would initiate them. NortonLifeLock senior director Mark Gorrie told the NZ Herald he suspects the attacks were likely financial motivated.

“A distributed denial-of-service attack is one of the most powerful weapons on the internet, it overwhelms a site or service with more traffic than the server or network can accommodate. DDoS attacks are a weapon of choice by profit-motivated cybercriminals,” he said.

“In the case of the NZX, we would guess the motivation behind the attack is profit-driven.”

While the NZX has not confirmed whether it has received an extortion demand, the Herald also reports that “DDoS attacks are executed for kicks, to prove a hacker’s chops; some are politically motivated; others have criminal intent”.

Who’s behind it?

The identity of the cyber criminals has not yet been confirmed as they are often difficult to track down. Dr Rizwan Asghar at the school of computer science at Auckland University told Stuff the culprits tended to hide their IP addresses.

Both the GCSB’s National Cyber Security Centre and Crown cyber security agency Cert NZ said they don’t general comment on specific cases so couldn’t provide details of who the culprits may be.

However, late last year Cert NZ issued an alert warning about Russian cyber gangs targeting companies within the New Zealand financial sector with extortion emails.

“The emails claim to be from a Russian group called ‘Fancy Bear / Cozy Bear’ and demand a ransom to avoid denial-of-service attacks. They carry out a short denial-of-service attack against a company’s IP address to demonstrate their intent. So far, a larger denial-of-service hasn’t happened if the ransom is not paid.”

If targeted, Cert NZ advices companies not to pay the ransom as it could entice further attacks. It also instructs companies to work with their ISPs and use a denial-of-service protection service,to prevent the denial-of-service traffic from reaching their systems.

However, AUT’s Dave Parry said that because the software and skills to carry out a DDoS are relatively accessible, anyone could be behind it, including foreign governments.

“These sort of attacks can be mounted by governments or private criminal gangs. Recently, Australia has pointed the finger at the Chinese government for similar attacks; the Chinese government has strongly denied this.”

Is the government involved?

As this is an offshore attack impeding critical New Zealand infrastructure, Parry said the government is most likely helping the NZX rectify the issue.

More Reading
One NZ has tied its future to SpaceX rockets. Will the mission succeed? The final frontier is coming to New Zealand, with profound implications for us all.
Inside the dying industry of cargo ship travel Until 2020, it was possible to book a voyage on a cargo ship. Today, it's virtually impossible, despite being a greener, languid alternative to air travel.

“GCSB will be involved along with Cert NZ in trying to identify the source of the attack,” he said.

“Unfortunately, the skills and software to do this are widely available and the disruption of Covid-19 and people working from home all over the world potentially with lower security on their computers means that these attacks are easier than usual.”

He said it’s worth New Zealanders checking their anti-virus software and security patches are up to date, and notifying their ISP if there is unusual activity.

Keep going!
Cold homes cause a wide range of illnesses (Getty Images)
Cold homes cause a wide range of illnesses (Getty Images)

BusinessAugust 26, 2020

Covid-19 has made our cold, damp housing problem even more serious

Guest writer
Cold homes cause a wide range of illnesses (Getty Images)
Cold homes cause a wide range of illnesses (Getty Images)

Cold, damp and mouldy homes are devastating to human heath. But Covid-19 has illuminated the true danger of our national problem.

Is there anything more quintessentially Kiwi than a cold, damp home? The black mould on the windowsills, the musty odour in the wardrobe, the sore throat in the morning: they’ve all become the common features of the classic Aotearoa abode, so normalised and accepted that even landlords don’t take them seriously.

But nothing could be more serious, according to the statistics. Almost 1600 New Zealanders die from respiratory illnesses because of our abysmal housing every year and about 80,000 people end up in hospital including nearly 30,000 children.

Among developed countries, New Zealand also has one of the highest rates of asthma and skin infections, conditions exacerbated by toxic mould exposure in damp houses. Nearly 600,000 New Zealanders are living with asthma and of all ethnicities, Māori and Pasifika are three times more likely to end up hospitalised because of it.

They’re stark stats, and have certainly compelled academics and policy makers to try and address the problem over recent years. However, while many of us still regard our substandard houses as something of a nuisance or a cultural idiosyncrasy, fear of Covid-19 has illuminated just how dangerous the issue is.

While cold and damp homes are terrible environments for human beings in general, they can be particularly harsh for immunocompromised people or those with severe respiratory illnesses. Those with chronic obstructive pulmonary disease (COPD) for instance are at particular risk, with high humidity, dust mites and mould exacerbating symptoms.

Black mould is extremely toxic to those who have a sensitivity or are immunocompromised (Getty Images)

The evidence has shown that those with pre-existing respiratory conditions such as COPD will have a harder time fighting off Covid-19 and are at an increased risk of severe illness. New Zealand’s very first person whose death was attributed to Covid-19 also had COPD. According to the Asthma Foundation, 11,842 New Zealanders aged 45 and over were hospitalised due to COPD in 2017 and there could be approximately 200,000 New Zealanders living with COPD undiagnosed.

As for links between Covid-19 and environments themselves, research has suggested the virus survives far longer in cold environments – an idea that has spawned a great deal of interest in New Zealand after it was hypothesised the latest Auckland Covid-19 outbreak was imported in a refrigeration unit. While that theory has been disputed, a European study found that cold temperatures exacerbate the severity of Covid-19. Among the 7000 patients researchers analysed, there was a roughly 15% drop in mortality for every 1% rise in temperature.

However, excessively dry environments are also an issue. A study focused on Greater Sydney during the early stages of the epidemic found an association between lower humidity and an increase in community transmission.

One of the researches, Professor Michael Ward, an epidemiologist in the Sydney School of Veterinary Science at the University of Sydney, said dry air appears to favour the spread of Covid-19.

“When the humidity is lower, the air is drier and it makes the aerosols smaller,” he said. “When you sneeze and cough those smaller infectious aerosols can stay suspended in the air for longer. That increases the exposure for other people. When the air is humid and the aerosols are larger and heavier, they fall and hit surfaces quicker.”

It’s quite the predicament: a cold and damp home renders people more susceptible to the virus – and many other illnesses – while an excessively dry environment means Covid-19 will spread more easily.

So other than a comprehensive health response to treat those living with the range of illnesses caused by substandard homes, how can we change our environments to prevent it?

James Powers, the director of building science company Oculus, says it all comes down to applying better performance requirements when we build or rent houses.

“It’s particularly bad in New Zealand, as evidenced by our housing related health problems,” he says. “Our homes are typically too cold and too damp. Because we don’t heat and ventilate our homes effectively, and the reasons we don’t do this is because the code has been below standard for some time.”

Director of Oculus, James Powers (Photo: Supplied)

Powers says the building code clause for an interior environment is woefully archaic, only mandating for an internal temperature of 16 degrees in childcare centres and retirement homes. For a long time there has been no requirement to build efficient, sealed homes that maintain internal temperature and adequately ventilate air – the essential components of a warm house with the right humidity.

He says there’s a range of factors people need to consider when building or renting houses that will help keep the occupants healthy and free from illness.

“An internal environment is made up of relative humidity, it’s made up of thermal comfort and it’s made up of internal contaminants like CO2 or mould or dust mites or volatile organic compounds; all of the nasties that we get in our homes. There’s nothing to specify what performance standards should be achieved.”

While some new houses such as those being built by Kāinga Ora are being designed over and above what the building code requires, Powers says the problem is with many existing houses, which are poorly insulated and only have single-glazed windows. While recent changes to the Tenancy Act require landlords to provide ceiling and underfloor insulation where accessible, Powers says it’s terribly inadequate.

“It’s just not robust enough. Even if they put in a heat pump, a lot of that heating is going to escape through single-glazed windows and lack of insulation. It’s going to be very expensive to heat.”

So until better standards are enforced, it’s essentially down to the landlords and builders to go beyond the current requirements. While that won’t always happen, Powers says there are simple ways for occupants to try improve indoor air quality.

“If you’re in Auckland, because the external humidity is so high, what will happen is once you start to heat your home that relative humidity will come down, but then what you have to do is ventilate your home effectively to get rid off all that excess moisture that comes from cooking and cleaning, and then you’ll find your humidity comes down to that goldilocks zone.”

The idea humidity zone for most houses is 40% to 60%. Powers says this range allows proper function of the respiratory and immune systems, has an evaporating effect on airborne viruses slowing their transmission, and also prompts the inactivation of viruses.

The first port of call, he says, is for occupants to measure the humidity of their homes with a testing device that can be bought online and in hardware stores for about $25. After that, it’s a case of asking landlords to provide better ventilation and double glazed windows to keep homes sealed. Oculus has published a healthy homes guide with tips for people to create a healthy indoor environment.

While opening windows and using dehumidifiers is the conventional approach, there is typically little evidence to support their effectiveness. Opening windows can sometimes make indoor humidity worse. According to Oculus, the best thing people can do is leave the heat on, leave any extractor fans in the kitchens and bathrooms on so that old air is pulled out, circulate air around the room with a fan, and seal all windows to prevent drafts.

Business