Reports are emerging that cyber criminals are attacking and stealing in-house trading algorithms/code used by hedge funds and high-frequency stock traders.
According to the Financial Times, security company Kroll Ontrack said that it has observed three recent cases of insiders pilfering the code for proprietary trading models. The algorithm information can be used for a few different nefarious purposes, including blackmailing a company into buying back its own data; or, selling it to other traders on the black market.
“We have seen cases of the source code for algorithms being stolen. In two of the cases we were able to find the bad guy and stop him before he could share it on the web,” said Ernest Hilbert, head of cyber investigations for Europe, the Middle East and Africa.
One security analyst told Infosecurity that what makes this type of game so complicated is that is completely based on knowledge, and can, in the right context, be monetized effectively.
“This article could have easily been named ‘cybercriminals continue to innovate,’” said TK Keanini, CTO of Lancope. “The fact of that matter is that cybercriminals are as intellectual as any other high-business person, and they are interested in keeping their business growing. As defenders put in place countermeasures for protection, attackers find new ways to defeat these defenses and other areas to attack.”
Ken Westin, senior security analyst, Tripwire, noted in an email that white collar hacking is becoming more common, whether it is an insider exfiltrating corporate documents, or criminal syndicates targeting information that can be sold to brokers giving them an edge in the markets.
“Not only are trading algorithms at risk, but other information such as patent status, trade secret information, manufacturing processes and yields amongst other pieces of information that may not initially seem sensitive, but in the right hands can provide a trader or competitor information that will give them an edge over other groups,” he said.
As with anything else, if there’s a buyer for a piece of data, there will be a criminal hacker after it—even into the reaches of high finance.
“Underground markets and bitcoin are helping to establish marketplaces where white-collar criminals and hackers can mingle and do business, something we have not seen before at this scale,” Westin added. “Whether it is a white-collar criminal enlisting the services of a criminal hacker to target a specific company and data, or the criminal hacker selling data they have already exfiltrated from an organization, these markets are growing in size and both the criminal white collar and hackers are becoming more brazen, so I expect to see more of these types of thefts to occur."