Cyber Attacks on Hong Kong Stock Exchange Website: Day 2

Jay Decenella, IT audit expert
August 11, 2011 /

The cyber attacks that have been targeting the news Web site of Hong Kong stock exchange for two consecutive days have forced the bourse to change the way it publicizes price-sensitive information from listed companies.

The Hong Kong Exchanges & Clearing’s Web site, where where Hong Kong-listed companies post their announcements in compliance with disclosure requirements, started to suffer distributed denial of service (DDoS) attacks on Wednesday from hackers whose identity remained unknown, according to Charles Li, chief executive of the stock exchange.

The attacks highlighted vulnerabilities in the Web sites of stock exchanges, Nasdaq being the previous bourse to have suffered from a security breach in February after it confirmed that its web portal had been penetrated by hackers through a malware implanted on its servers.

Following the cyber attacks on Hong Kong stock exchange, seven stocks were suspended  shortly before these companies, including the bourse itself, could announce interim results before closing of the market.

The companies included HSBC, which constitutes 15 percent of Hong Kong’s Hang Seng Index, Hong Kong Exchanges, with a 2.6 percent weighting, Cathay Pacific, Dah Sing Banking Group Ltd. (2356), Dah Sing Financial Group, China Resources Microelectronics Ltd. and China Power International Development Ltd. (2380).

Li said there would be no grounds for compensation claims because the stock exchange was acting on the basis of ensuring equal access to information.

The attacks came from remote-controlled computers around the world, Chief Technology Officer Bill Chow said.

Chow added that the complexity of these attacks took his team time to filter and analyze.

In a statement, the Hong Kong stock exchange said: “In the course of the investigation, it was determined that a mixture of attacking techniques had been deployed to intentionally interrupt the operation of the HKExnews website.

“The malicious traffic originated from a network of personal computers, the majority of which were based outside Hong Kong.”

The stock exchange said that starting Friday, it will place advertisements in eight local newspapers with a list of companies that plan to release announcements on the day. The stock exchange said it has talked with media outlets such as Thomson Reuters and Bloomberg over ways to distribute all company announcements alongside it own Web site.

It also advised investors to secure the information from the companies’ Web sites if the Hong Kong stock exchange succumbs to further attacks.

It will also use e-mails to back up its central online system, according to Li.

Commenting on Li’s actions, Chester Wisniewski, a senior security advisor at Sophos, said: “Mr. Li has been very forthcoming with the information needed most by those affected, and has implemented measures to ensure that this criminal operation will not continue to have impact on companies trading on the exchange.

“This could not come at a worse time, as the global financial markets teeter on the brink of another recession. Nevertheless, Mr. Li appears to be taking a measured and appropriate response to the attacks.”

The stock exchange said it had been “working closely with local and overseas security experts” to probe the root of attacks on its Web site, which is running again on Thursday.

 

Share your opinion