A few years ago, I wrote a thriller novel called Fallen Angel.
It was John le Carré meets speculative sci-fi. A foreign enemy plans to unleash a devastating cyberattack on New Zealand’s digital infrastructure — only to be stopped in the nick of time.
When I first published the story, I had my fair share of sceptical reviews. ‘Good entertainment but barely plausible. New Zealand isn’t America or Britain. It’s peaceful and isolated. No one would want to attack this country.’
A fair point. But fiction, especially the dystopian kind, can sometimes come true. That’s exactly what happened last week.
Imagine being held hostage by an enemy you can’t see
From August 25th to 28th, a real-life cyberattack struck the New Zealand Stock Exchange. For four days, trading was disrupted by a tidal wave of zombie data flooding the network.
It was a bewildering experience. You couldn’t buy shares. Couldn’t sell shares. You were paralysed. Frozen stiff.
This style of digital warfare is known as DDoS — distributed denial-of-service. It’s about unleashing a huge volume of traffic against an intended target. Choking up servers. Bringing down websites.
Right now, the finger is being pointed at a Russian group operating under the name ‘Fancy Bear’. And the situation is now so serious that Kiwi spies from the GCSB (Government Communications Security Bureau) have been brought in to assess the damage and prevent the next wave of attacks.
So…why did this event happen in the first place? And why was New Zealand targeted?
Here are several possible reasons why.
The political angle behind the NZX attack
The Five Eyes is a Western alliance made up of five countries in the Anglosphere — the United States, the United Kingdom, Canada, Australia, and New Zealand.
Source: Asia Times
During the Cold War, the Five Eyes were assembled to spy on the Soviet Union. Their specialty was signals intelligence — the interception and capture of phone calls, fax messages, radio transmissions, and so on.
In an age where direct confrontation was avoided and subterfuge was preferred, the Five Eyes proved to be a formidable asset. Working from the shadows, it played a key role in the eventual downfall of the Soviet Union in 1991.
Today, Russian ultranationalists often hunger for a return to Soviet glory — yet they cannot hope to compete openly against the Five Eyes. The Russian economy is, in fact, smaller than the economy of Texas.
For this reason, Russia may decide to engage in proxy digital warfare. Cyberattacks are relatively cheap and anonymous to manufacture. And there are signs that Russia has cultivated a friendly relationship with hacker gangs. Instead of clamping down on these criminals, Russia may actually be encouraging them to expand and strike Western targets.
Russian cyberwarriors have apparently done everything from disabling Ukrainian artillery defences to stealing information from American journalists. And they may just be warming up.
Going for easy prey
New Zealand is the smallest and weakest member of the Five Eyes. It has the most vulnerable stock exchange. Could this explain why it was hit? Is economic terrorism the motive here?
Here’s a curious fact to consider. On February 21st, the NZX 50 Index previously achieved an all-time high of 12,073 points. Then the market experienced a crash because of COVID-19 fears, falling to a low of 8,498 points on March 23rd.
The index has since recovered sharply. It was climbing and climbing, set to hit another all-time high. Then, in a stroke of bad luck, that upward trajectory was interrupted by the cyberattack.
For several tense days, progress was stalled, and it felt like that milestone would never be achieved.
Ultimately, though, there was sweet relief. The NZX managed to achieve that goal. On August 28th, by the time the closing bell rang, it successfully hit 12,093 points. Yes, a new all-time high. But it was a tough battle. Our security experts and spooks had to fight through a vicious onslaught of zombie data just to get over the finish line.
Is the timing of this attack a coincidence? Maybe. But I’m reminded of what Ian Fleming famously said: ‘Once is happenstance. Twice is coincidence. Three times is enemy action.’
The profit motive behind the NZX attack
But maybe politics isn’t the main reason for the attack. Maybe straight-up greed and extortion is a more immediate factor.
Recent history might provide a clue.
Back in July, American tech company Garmin was also hit by a surge of cyberattacks. It was a devastating event, seemingly perpetrated by foreign hackers. Garmin’s products and services were taken offline — and their precious data was locked up by ransomware.
Ransomware, as the name implies, is a cunning virus that encrypts your data, preventing you from using it. You are faced with an unsavoury choice: either pay up or face being locked out indefinitely.
Source: The Verge
If the reports are to believed, Garmin caved in and paid the ransom — to the tune of US$10 million. The company apparently decided that the cost of dealing with the criminals was better than the horrifying alternative: which was indefinite shutdown.
To date, there’s no indication that the NZX has paid any ransom to the criminals responsible for the cyberattacks here. And maybe that’s just as well. When you negotiate with terrorists, you run the risk of financing even more terrorism. Not an ideal result.
A wake-up call
Are you investing solely in one place? Are you doing it because you think it’s safe and familiar? Well, think again. It’s a wild and unruly world we live in. And there’s always a risk of disruption and loss when you put all your eggs in one basket.
It’s good to diversify. It’s good to anticipate and adapt. In our Lifetime Wealth Investor premium research service, we now show you over 20 dynamic opportunities all around the world — spread across industries like technology, property, pharmaceuticals, financials, and so much more.
Stay safe. Go global. Secure multiple baskets of eggs for yourself.
Analyst, Wealth Morning