New York (AFP)
Cyber attacks have long been seen as a threat to financial markets, but concerns have grown following a hack into a US pipeline that sparked public panic and forced the company to pay ransom.
Financial exchanges that handle daily transactions of tens or hundreds of billions of dollars are an attractive target for hackers.
The big exchanges insist they are aware of the problem, but remain silent on the steps they take to protect their networks.
“Technology and operational resilience are at the heart of everything we do,” a Nasdaq spokesperson told AFP.
Likewise, the Chicago Board Options Exchange “takes cybersecurity very seriously and does not publicly discuss our cyber defenses,” said a spokesperson for the exchange.
New York Stock Exchange chairman Stacey Cunningham told CNBC that the exchange “is constantly working not only with our own teams but with others in the market, with regulators and other exchanges to keep markets safe.”
The Chicago Mercantile Exchange, a key energy and agricultural commodities trading platform, declined to comment entirely.
Recent history shows that the risk of hacking is far from a theoretical problem in financial exchanges.
Last August, New Zealand’s NZX was paralyzed for four days following a digital siege.
The episode, a “distributed denial of service” attack, is a common type of cyber incident in which hackers saturate a system by sending a huge flood of requests, overwhelming the system, and slowing or blocking operations.
“NZX has been told by independent cyber specialists that the attacks… are among the largest, richest and most sophisticated they have ever seen in New Zealand,” said NZX Managing Director Mark Peterson, following the incident.
Such a calamity has yet to befall a stock exchange or a large financial firm in the United States. But the concern has preoccupied US finance and government at the highest levels.
Federal Reserve Chairman Jerome Powell told “60 Minutes” news last month that a cyberattack poses even greater risks to financial markets than the liquidity freeze during the 2008 financial crisis.
“There are scenarios where a large payment service, for example, goes down and the payment system cannot function,” said Powell. “Payments cannot be made.
“There are scenarios in which a large financial institution would lose the ability to track the payments it makes.”
The Nasdaq employs resources to counter cyberthreats, but warns that “these measures may prove insufficient depending on the attack or threat posed,” the company said in a securities filing, adding that it “could be required to devote significant additional resources to this effort.”
– Range of motivations –
The most common way hackers extort victims is to infiltrate a computer network with ransomware, which encrypts system data; the encryption can be lifted after the ransom has been paid.
Earlier this month, Colonial Pipeline, which supplies gasoline to much of the United States’ east coast, finally paid hackers some $4.4 million after the network was completely dismantled for several days, causing panic buying and fuel shortages in some areas.
But money isn’t the only motivation for groups that might seek to hold a prominent institution like a stock exchange hostage, experts say.
“They may want to make money, harm the target’s ability to conduct business, steal sensitive information, or ruin their reputation,” said Sean Cordero, security advisor at Netenrich, a California-based cybersecurity firm.
“Or, it could be all of the above and more.”
The motivation of the group will also determine the nature of the attack.
“If they are motivated by espionage or are purely interested in collecting information, they would probably remain silent and move discreetly so that they can maintain access for as long as possible,” said Alec Alvarado, a specialist in cyber intelligence at Digital Shadows in San Francisco.
But groups looking for a large ransom may choose to inflict maximum immediate damage for a quick response.
The range of motivations means companies should aim to become “the hardest target” possible to thwart attacks, Alvarado said.
“Unfortunately, with ever-increasing attack surfaces, if a threat actor is willing to take the time to find a way in, there’s a good chance they will.”
Cordero said frequent updates to security systems are needed to counter cyber risks, requiring the systems to be temporarily taken offline.
“This is ultimately a risk-based decision that can have major implications if not treated as such,” Cordero said. “Unfortunately, these decisions tend to get relegated to the to-do list and can go months or years without action.”
© 2021 AFP