Monday, August 22, 2011

Hong Kong Authorities Arrest Man Over Stock Exchange Attack

Via InfoSec Island (August 22, 2011) -

Authorities in Hong Kong have arrested a man on suspicion of conducting a cyber attack against the Hong Kong Exchange (HKEx) nearly two weeks ago.

The man was detained late last week and police seized five computers, several mobile phones, and other items, according to reports.

"He is being investigated under the offence of access to a computer with criminal or dishonest intent," the police spokesman said, adding that the man was being held for questioning.

The attack against HKEx trading system websites had forced the exchange to suspend some trading for half a day.

After a preliminary investigation, the source of the disruption was acknowledged to be a hacker attack that was preventing investors from having access to important corporate announcements used to make trading determinations.

Without access to the important lunch hour announcements, HKEx officials decided to implement an emergency half-day trading contingency.

Officials indicate that critical systems involved in the actual trades themselves were not affected by the attack. Nonetheless, the event was a first for the Hong Kong exchange.

"It was the first time for a suspension due to such a kind of technical problem and one involving so many companies," said Alfred Chan, the chief dealer at Cheer Pearl Investment in Hong Kong.

While the attack is considered to be an unsophisticated operation targeting "low hanging fruit" - vulnerabilities that are common and easily exploited - there should be significant concern that such a major disruption could so easily be undertaken.

The attack demonstrates that financial systems remain highly susceptible to interruptions from cyber attacks.


------------------------------------------------------------------------

Background story....

DDoS Attack Forces Hong Kong Exchange Site Offline for Second Day (Aug 12, 2011)
http://djtechnocrat.blogspot.com/2011/08/ddos-attack-forces-hong-kong-exchange.html

No comments:

Post a Comment