ASX prepares itself for cyber warfare

The Australian Securities Exchange has undertaken its own "war games", simulating cyber-attacks as part of efforts over the past year to shore up its defences against a growing threat.

The Australian Securities Exchange has undertaken its own "war games", simulating cyber-attacks as part of efforts over the past year to shore up its defences against a growing threat.

Efforts by the key markets operators to clamp down on high-tech crime come as more than half of world stockmarkets have revealed they have experienced a cyber-attack last year.

A research paper published by the World Federation of Exchanges and the International Organisation of Securities Commission found 53 per cent of exchanges - including the key global exchanges - suffered a cyber-attack last year.

ASX chief information officer Tim Thurman said Australia remained a relatively small target, with Asian and American exchanges more likely to experience attacks. However, Mr Thurman said that the ASX ran through cyber-attack scenarios in order to boost security.

Regulators around the world are stepping up warnings over the potential threat of cyber-crime on financial infrastructure. Fears of attacks range from markets and banking processes being shut down to the potential for share prices or other securities being manipulated.

According to the World Federation of Exchanges report, 80 per cent of large exchanges had experience a cyber-attack last year, compared with just under 28 per cent for small exchanges.

The report said that so far there was little evidence cyber-crime was having an impact on market integrity and efficiency.

"Exchanges tend to be victims of 'disruptive' forms of cyber-attack, rather than those executed for financial gain," it said.

The most common type of attack reported was a denial of service attack, which involves flooding a server with illegitimate communications requests in an effort to make it overload.

"Cyber-attacks against respondent exchanges are generally detected immediately. However, some respondents noted that detection times may lengthen when facing 'day zero' or unknown threats," the report said. The survey indicated that the cost of cyber-attacks were minimal, with all respondents indicating less than $US1 million ($1.1 million).

Some 89 per cent of exchanges surveyed said they viewed cyber-crime in equities markets as a potential systemic risk.

"Cyber-criminals now include sophisticated and well-resourced actors, undeterred by regulation, given the low likelihood of being caught. These actors are perpetrating attacks against securities markets with the motive of being disruptive and not just for immediate financial gain," the report said.

Last week in the US, key Wall Street players orchestrated a cyber-security exercise, testing 500 individuals and 50 banks and exchanges in a major simulated attempt to disrupt US equity markets. The move was designed to test crisis response procedures, information sharing and protocols relating to a systemic cyber-attack.

Related Articles