Published February 06, 2014
Hackers used to be content just siphoning off huge wads of cash and stealing millions of identities, but today’s cyber evildoers also want to mess with investors.
In a new report issued this week, security firm Prolexic warns that hackers are deploying distributed denial-of-service (DDoS) attacks in an attempt to manipulate stock prices or even cause market mayhem.
“We have uncovered a disturbing trend: Many of these malicious attacks appear to be intent on lowering the target’s stock price or currency values, or even temporarily preventing trades from taking place,” Stuart Scholly, president of Prolexic, said in a statement.
The complex and evolving intentions of modern hackers underscore the difficult challenge facing corporate America in combating this rising threat.
It’s clear that hackers want to take advantage of the fact that in today’s digital world, major companies need to stay online to maintain services with clients and secure their legitimacy.
Increasingly Powerful Attacks
The public image of a financial-services firm is “intricately associated with its cyber presence,” the Prolexic report said. Therefore, it stands to reason that a wobbly cyber presence can hurt that public image or even market value of a company.
In recent years, DDoS attacks are believed to have slowed or even blocked access to the customer websites of big banks like Wells Fargo (WFC) and JPMorgan Chase (JPM) and even virtual currency exchanges.
“Even though a victim enterprise might not suffer any inventory or physical loss as a result of DDoS attacks, the negative consequences associated with site availability and investor confidence may be substantial,” the report said.
Corporate websites have been slammed by increasingly powerful DDoS attacks, which seek to overwhelm servers by bombarding them with unreasonable amounts of traffic.
There was a 26.1% year-over-year increase in the number of DDoS attacks during the fourth quarter, while the average peak attack bandwidth soared 48% from the third quarter to 4.53 gigabytes per second, Prolexic said.
Prolexic said it found a “causal relationship between cyber attacks and a change in the valuation of a company in a given market.”
While the paper does not present conclusive evidence demonstrating that cyber attacks bring down companies’ share prices, Prolexic does show that this is one goal hackers are striving for.
For example, hacktivist group Anonymous took credit for a 6% slide in the share price of Sony (SNE) in April 2011 following an attack on the electronic giant’s PlayStation Network.
The embarrassing and costly incident took down the network used for online gameplay for over three weeks and led to the theft of about 77 million accounts. “We’re already causing [redacted] stock to drop!!” one apparent Anonymous member said in a chat room.
In a campaign dubbed “Operation April Foolscoin,” hackers attempted to cause a major selloff in emerging crypto currency Bitcoin in the spring of 2013 by attacking Bitcoin exchange Mt. Gox.
The powerful cyber attack helped send the value of Bitcoin tumbling 22% after Mt. Gox was forced to halt trading for 12 hours. The Tokyo-based exchange said hackers want to destabilize Bitcoin and “abuse the system for profit.”
Conceivably, a cartel of cyber criminals or even an individual hacker could capitalize on a selloff in a hacking target’s share price by placing bearish bets, called short positions.
“If they think they can get away with it and benefit from the technique, why wouldn’t they do that?” said Carl Herberger, vice president of security solutions at Radware (RDWR).
Exchanges Under Cyber Siege
It’s also clear that hackers have set their sights on large financial exchanges in an effort to disrupt trading of stocks, bonds or commodities. Some hackers may attempt to score a financial gain out of the turmoil that such an attack could cause, while more politically-motivated hacktivists would love to take out these symbols of American capitalism.
Hacktivist group L0ngwave99 launched a campaign in February 2012 to block access to Nasdaq OMX Group’s (NDAQ) websites.
Nasdaq acknowledged the attack and confirmed it experienced intermittent service disruptions on its corporate websites, but said its stock and derivative trading systems were unaffected.
Last year, some suspected a cyber security lapse may have caused a three-hour halt of Nasdaq-listed securities, but the exchange quickly shot down this theory.
Still, Herberger said the so-called Flash Freeze demonstrated that a “technical recipe” exists for “bad guys” to potentially exploit. “I get nervous about this kind of stuff,” he said.
Global financial exchanges recently launched the industry’s first cyber security commission, which seeks to improve information sharing and best practices.
While security professionals believe financial exchanges are taking the threat seriously, it’s clear other parts of America’s aging critical infrastructure are less prepared. Just last week, hackers blocked access to the U.S. federal court system’s public website, preventing lawyers from filing legal documents online.
These concerns were backed up by a mock cyber attack last year by ethical "white hat" hackers that was able to directly impact U.S. stock market performance.
At an industry conference last fall, Mark Graff, chief information security officer at Nasdaq, said the exchange remains “a big target” of those who want to “hurt the financial industry.”