Via Threatpost.com -
Trading on Hong Kong’s stock market, Hong Kong Exchanges & Clearing, remains suspended today following a "coordinated and sustained" distributed denial of service attack on one of the exchange’s websites Wednesday. Several companies, including HSBC, China Power International and Cathay Pacific found their shares unavailable late Wednesday following the attack according to a report from BBC.
A Web site usually used for company announcements was forced offline in the attack on Wednesday. The attacks continued on Thursday, despite efforts to filter malicious traffic. A subsequent investigation by the Exchange's Information Technology team and outside security experts identified an attack stemming from a botnet located outside Hong Kong and intended to "intentionally interrupt the operation of the HKExnews website."
The Exchange did not give any indication of who the hackers are or what their motive is.
[...]
Security experts have warned that the financial services sector and, in particular, stock exchanges are vulnerable to hacking and are of interest to both criminal groups and state based actors who wish to use access for illicit profit, promote local firms or sow chaos - possibly as a prelude to a larger kinetic or cyber attack.
-----------------------------------------------------------------------------
HKEx News Release: Further Information about the Organised Attack on the HKExnews Website and Mitigation Measures
-----------------------------------------------------------------------------
This is freaking awesome....but freaking awesome in a scary bad way.
The DDoS isn't actually affecting the trading platform, it is hitting an Internet-facing website used to release (i.e make public) announcements from corporations. I believe, these announcements have to be public for the stock to trade per legal requirements - meaning nothing can trade until public has access.
Therefore, the HKEx is looking to expand their publication of these announcements via newspapers, e-mail and even other on-line portals.
At its core, this is a DDoS aimed at the business logic of the HKEx platform.
Weather the attackers knew that killing the publication website would stop trading is unknown. But I think we have to assume they did.
No comments:
Post a Comment