InvestSMART

ASX goes to war on cyber crime

The Australian Securities Exchange has undertaken its own "war games", simulating cyber-attacks as part of efforts over the past year to shore-up defences against a growing threat.
print
InvestSMART
By InvestSMART · 24 Jul 2013
print
Share
InvestSMART
By InvestSMART ·
24 Jul 2013
Share
comments Comments
print Print
The Australian Securities Exchange has undertaken its own "war games", simulating cyber-attacks as part of efforts over the past year to shore-up defences against a growing threat.

Efforts by key market operators to clamp down on high-tech crime come as more than half the world's stockmarkets have revealed they experienced a cyber attack last year.

A research paper published by the World Federation of Exchanges and the International Organisation of Securities Commission found 53 per cent of exchanges - including the key global exchanges - suffered a cyber attack last year.

ASX chief information officer Tim Thurman said Australia remained a relatively small target, with Asian and American exchanges more likely to experience attacks. However, Mr Thurman said that the ASX ran through cyber attack scenarios in order to boost security.

Regulators around the world are stepping up warnings over the potential threat of cyber crime on financial infrastructure.

Fears of attacks range from markets and banking processes being shut down, to the potential for share prices or other securities being manipulated. According to the World Federation of Exchanges report, 80 per cent of large exchanges had experienced a cyber attack last year, compared with just under 28 per cent for small exchanges.

The ASX said it was in regular dialogue with other exchanges across a range of topics, including technology.

The report said that so far there was little evidence cyber-crime was having an impact on market integrity and efficiency.

"Exchanges tend to be victims of 'disruptive' forms of cyber attack, rather than those executed for financial gain," it said.

The most common type of attack reported was a denial of service attack which involves flooding a server with illegitimate communications requests in an effort to cause it to overload.

"Cyber-attacks against respondent exchanges are generally detected immediately. However, some respondents noted that detection times may lengthen when facing 'day zero' or unknown threats," the report said.

The survey indicated that the cost of cyber attacks was minimal, with all respondents indicating less than $US1 million ($1.1 million).

Some 89 per cent of exchanges surveyed said they viewed cyber crime in equities markets as a potential systemic risk.

"Cyber-criminals now include sophisticated and well-resourced actors, undeterred by regulation, given the low likelihood of being caught. These actors are perpetrating attacks against securities markets with the motive of being disruptive and not just for immediate financial gain," the report said.

Meanwhile, last week in the US, key Wall Street players orchestrated a cyber security exercise testing 500 individuals and 50 banks and exchanges in a major simulated attempt to disrupt US equity markets.

The move was designed to test crisis response procedures, information sharing and protocols relating to a systemic cyber attack.
Google News
Follow us on Google News
Go to Google News, then click "Follow" button to add us.
Follow us
Share this article and show your support
Free Membership
Free Membership
InvestSMART
InvestSMART
Keep on reading more articles from InvestSMART. See more articles
Join the conversation
Join the conversation...
There are comments posted so far. Join the conversation, please login or Sign up.

Frequently Asked Questions about this Article…

The ASX has run so-called “war games,” simulating cyber-attacks over the past year to shore up defences. ASX chief information officer Tim Thurman said the exchange runs cyber-attack scenarios and maintains regular dialogue with other exchanges on technology and security.

A research paper by the World Federation of Exchanges and IOSCO found that 53% of exchanges experienced a cyber attack last year. The report also said 80% of large exchanges and just under 28% of small exchanges reported attacks, highlighting how common the threat has become.

The most common type reported was denial of service (DoS) attacks, which flood a server with illegitimate requests to overload it. The report also found exchanges are often victims of disruptive attacks rather than attacks executed primarily for immediate financial gain.

According to the World Federation of Exchanges report, there was little evidence so far that cyber-crime was having a material impact on market integrity and efficiency. Nevertheless, many exchanges view cyber crime as a potential systemic risk.

The report noted that cyber-attacks against respondent exchanges are generally detected immediately. However, detection times can lengthen when facing ‘day zero’ or previously unknown threats, which are harder to spot right away.

The survey indicated the direct cost of cyber attacks reported by exchanges was minimal in the surveyed cases, with all respondents indicating losses of less than US$1 million (about AU$1.1 million).

Yes. Regulators around the world are stepping up warnings and cooperation, and exchanges like the ASX are in regular dialogue with peers on technology and security. In the US, a major cyber security exercise recently tested 500 individuals and 50 banks and exchanges to evaluate crisis response, information sharing and protocols.

The report found 89% of surveyed exchanges view cyber crime in equities markets as a potential systemic risk, and fears include market shutdowns or securities manipulation. At the same time, the report said there was little evidence so far of major impacts on market integrity, as exchanges are working to detect, simulate and respond to threats.