In a June interview with CNBC, cybersecurity firm BAE Systems said that it “detected” and “thwarted” a security breach at a large hedge fund that crippled the fund’s high-speed trading strategy and sent information about its trades to unknown off-site computers.
The attack supposedly began in 2013, when hackers sent a “spear fishing” email to hedge fund employees. The emails appeared to be about the capital markets industry.
(“Spear phishing “ is email spoofing fraud that targets a specific organization. The emails appear to come from a source that would be trusted by employees of that organization, making the employees more likely to click on links in the message and launch malware attacks. The sources may even appear to be people in the employees’ own company.)
BAE said financial analysts and IT managers at the firm noticed two problems that they didn’t initially realize were related:
- The firm’s computer-based trading system had become ineffective, and there was a time lag (of microseconds to milliseconds) between when trade orders were issued and when they were executed.
- Files were being moved on the system in ways that didn’t make sense, given normal business operations.
BAE reportedly “discovered” that malware had been programmed to insert a random lag into the firm’s order entry system, and that the malicious code was also recording details of the orders.
The BAE spokesman said that this caused a “multimillion dollar problem” for the hedge fund and was causing “a material impact on performance across the portfolio.”
BAE claimed to have fixed the problem. Its stock traded up 1.6% on the day the interview was published, with higher-than-average volume.
However, as reported by the New York Times, the so-called “attack” was actually a simulation run by BAE itself – as BAE admitted three weeks later.
“Although the example was a plausible scenario, we believe that it does not relate to a specific company client,” said BAE in an email.
The BAE “attack” may have been a fake, but it appears that hedge funds really are being targeted by cybercriminals.
Hedge funds can get into plenty of trouble on their own, without any “help” from hackers. Cyberattacks are only going to make the risks worse.
That’s why hedge funds – and everyone involved in the financial industry – need to adopt more rigorous security standards – like the PACid solution.
