Created by investors for Investors
Click Here to Join Today!

How vulnerable are the U.S. stock markets to hackers?

(Chart) How vulnerable are the U.S. stock markets to hackers?When the New York Stock Exchange halted trading for nearly four hours on July 8, it raised an important question: How vulnerable are the markets to hackers?

That morning, United Continental UAL, -0.85% had grounded flights due to a computer error and the Wall Street Journal’s website went down, fueling theories that hackers were taking concerted aim at symbolic entities. The exchange ICE, +1.99% quickly put down rumors of an attack, saying that a software update had caused a glitch.

—————————————-
This may be YOUR opportunity to invest in the Cyber-Crime Prevention sector and profit while helping solving these problems. See Multiple Ways to Win with LANS HOLDINGS, INC
OTC: LAHO – MORE INFORMATION – VIDEO & REPORT
—– S P O N S O R E D —–

The threat of exchanges being hacked, though, is very real. More than half of the 46 exchanges surveyed by the International Organization of Securities Commissions and the World Federation of Exchanges reported suffering a cyberattack in 2012, according to a working paper released the following year. Exchanges in the U.S. were 67% more likely to have reported experiencing an attack than those based elsewhere.

Cybercrime has repeatedly been called the biggest threat to the financial sector and to businesses — and warnings have been growing louder and more urgent as attacks increase in frequency and complexity. About 88% of brokerages and 74% of advisers in the U.S. have faced cyberattacks, according to a Securities and Exchange Commission report released in February. A major U.S. bank suffers an attack every 34 seconds, according to testimony from a Congressional hearing in June.

The NYSE outage prompted fears that the nightmare scenario of hackers blacking out an exchange or destroying its integrity by tampering with critical market data could become a reality.

“In this day and age, it’s always a concern,” said Karl Schimmeck, managing director of financial-services operations at the Securities Industry and Financial Markets Association. “[Exchanges] are a critical link within the financial-services sector. They understand their responsibility. They make major investments.”

—————————————-
This may be YOUR opportunity to invest in the Cyber-Crime Prevention sector and profit while helping solving these problems. See Multiple Ways to Win with LANS HOLDINGS, INC
OTC: LAHO – MORE INFORMATION – VIDEO & REPORT
—– S P O N S O R E D —–

A history of vulnerabilities

“We take information security and cyber risk seriously, and both [Intercontinental Exchange] and NYSE have made substantial investments in information security as part of our operations, and we continue to do so as a combined entity,” an NYSE spokesperson told MarketWatch in a statement. “We constantly evaluate the processes we have in place to ensure we are confident in our procedures, employee awareness, technology and training.”

Red flags have been raised about computer security at stock exchanges for at least 25 years. In 1991, the U.S. Government Accountability Office, a watchdog agency, found 68 systems-security and other control weaknesses at five stock markets, including NYSE. While financial firms have advanced to become “technology companies with a bank wrapped around them,” Schimmeck said, “the challenge is changing a tire on a car that’s going 60 miles per hour on a road” as hackers search for vulnerabilities.

About five years ago, Russian hackers cracked the Nasdaq NDAQ, +1.22% In July 2009, two U.S. stock exchanges suffered attacks that disrupted their websites, and two years later the parent company of Nasdaq confirmed that intruders had breached an online portal that executives used to communicate.

Industry groups like Sifma host practice runs for financial companies to test their hack-response plans. Last month, the Pentagon, the Department of Homeland Security and the National Security Agency held a three-day war game at a military facility in Virginia to test banks and other private companies on their attack-response plans.

Christopher Finan, who worked at the Pentagon on cybersecurity issues with the White House when the Nasdaq was hacked in 2010 and later served as President Barack Obama’s cybersecurity adviser, said the technology that financial firms run on is a “hodgepodge of systems that have been cobbled together.” Security has been welded on top, rather than built in from the start, making it easier for a determined hacker with enough time and resources to crack into any system.

Exchanges are focusing on ensuring the integrity of financial data under the assumption that a breach is bound to happen, he said, and must secure transactions and product data so criminals cannot toy with specific stocks’ prices.

“What can we do to make this transaction activity indelible, given cryptography, for example, so that once a trade is submitted and validated, there’s no way for a hacker to manipulate that information?” Finan asked. “Hackers are inevitably going to get access to these systems.”

—————————————-
This may be YOUR opportunity to invest in the Cyber-Crime Prevention sector and profit while helping solving these problems. See Multiple Ways to Win with LANS HOLDINGS, INC
OTC: LAHO – MORE INFORMATION – VIDEO & REPORT
—– S P O N S O R E D —–

More regulation

Luis Aguilar, who sits on the Securities and Exchange Commission, said at an industry conference in New York in June that the agency should provide more guidance to market intermediaries on how to respond to cybersecurity incidents.

“We know that brokerage accounts are being hacked. We know that unauthorized trading has occurred. Yet we’ve not provided guidance,” he said. “I hope that we will do so quickly. The industry’s asking for it. They’re asking for help.”

The agency finalized new rules last year that will require stock exchanges to meet several cyber-defense and response standards starting in November. Under those rules, firms must also monitor for intrusions, respond promptly and report them to the SEC within 24 hours.

Low probability, high consequence

Stocks on the New York Stock Exchange traded elsewhere while it was down during those July 8 hours. That’s a good thing. Nasdaq and NYSE are now planning to back up each other’s closing auctions, as well, in the event of another outage.

“You don’t want to have single points of failure,” Sifma’s Schimmeck said. “An exchange can go out, and we can continue to operate.”

He and Finan said the probability that hackers will disrupt critical technology across multiple exchanges and larger financial firms at the same time — shocking the markets into chaos — is low. An attack of such scope would require hackers to crack targets across multiple networks at the same moment.

“Being able to achieve lots of effects, near simultaneously, at scale — and that’s really what would be required for a systemic outage — that type of systemic attack is extraordinarily difficult,” Finan said. “Extraordinarily low probability but extraordinarily high consequence.”

—————————————-
This may be YOUR opportunity to invest in the Cyber-Crime Prevention sector and profit while helping solving these problems. See Multiple Ways to Win with LANS HOLDINGS, INC
OTC: LAHO – MORE INFORMATION – VIDEO & REPORT
—– S P O N S O R E D —–

———————————————————————————————————————————-
This post has been curated from MarketWatch. The original post was written by AUTHOR: BY Priya Anand. Date of Publication: 2015.07.15

Small Cap Society is not associated with MarketWatch and has provided this information as for the interest and education of our readers.

Please contact the original Author and Publisher regarding the details of this article.

Priya Anand is MarketWatch's consumer fraud reporter. She is based in New York. You can follow Priya on Twitter @PriyasIdeas.

http://www.marketwatch.com/story/how-vulnerable-are-the-us-stock-markets-to-hackers-2015-07-31
———————————————————————————————————————————-

Leave a Reply