© The Financial Times Ltd 2015 FT and 'Financial Times' are trademarks of The Financial Times Ltd.
July 16, 2013 6:22 pm
More than half the world’s securities exchanges have fought off cyber attacks over the past year, industry figures have revealed, raising fears that markets are becoming vulnerable to hackers who could destabilise trading.
The data, in a report published on Tuesday by the World Federation of Exchanges, a trade body, and the International Organisation of Securities Commissions, spurred calls for tougher cross-border legislation to deter such attacks.
Nearly half the exchanges surveyed in the WFE-Iosco report said the weapon that would help them most against cyber crime was more effective regulation.
The findings underline how authorities and exchanges are becoming increasingly concerned that a potential large-scale attack on key market infrastructure operators could damage the integrity of financial markets.
Exchanges have tended to play down the risk that hackers could penetrate their systems as the computer networks used are private and closed. Access to trading is also limited by going through brokers, they have argued.
Two years ago Nasdaq OMX said it had been targeted by hackers who focused on a web-based application that contained highly-sensitive corporate information. However, the transatlantic exchanges operator was keen to stress its trading operations were not compromised.
The WFE-Iosco study pointed to a “shift away from financial gain towards more destabilising aims” on the part of hackers.
Attacks tended to be aimed at disrupting daily operations, such as a Denial of Service (DDoS) or malware, rather than trying to manipulate markets, it found. Exchanges also cited data theft and insider information theft, including source codes for high-frequency trading strategies, as key concerns.
The report comes as the lines between the electronic trading world and the internet are fast becoming blurred. US markets suffered a brief but sharp sell-off in April only minutes after a fake tweet from the hacked Twitter account of newswire AP announced an attack on the White House.
Just weeks before the Securities and Exchange Commission allowed companies to tweet corporate activity. Bloomberg has incorporated selected Twitter accounts into its terminal, the most widely-used data source in financial markets.
The WFE-Iosco study indicated that, while hackers had not yet made an impact on market integrity and efficiency, there were widespread concerns over the effectiveness of current legislation.
Some 59 per cent of the 46 bourses surveyed said there were sanction regimes in place in their own legal jurisdiction to combat cyber crime. Of that total, only half felt the current sanction regimes were effective in deterring cyber criminals. Exchanges in America and Europe, in particular, felt existing laws did not act as a sufficient deterrent.
“Doubt over the effectiveness of these regimes generally appears to rest on the international nature of cyber crime, which creates a major obstacle in effective enforcement,” said Rohini Tendulkar, author of the report.
Around three quarters of exchanges had information-sharing arrangements in place, but few crossed national jurisdictions and most reported their concerns to national regulators and cyber-threat forums.
Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.