Several stockbrokers come under DDoS attacks this week
CYBER attacks targeting online stock trading systems caused some havoc at several stockbrokers this week, as some of their their clients were locked out from making orders on their personal computers and smartphones.
But trading at the stockbrokers’ premises weren’t affected, which means investors were still able to continue with their business of buying and selling through remisiers over the phone.
“There was no trading disruptions on Bursa Malaysia,” the exchange operator says in an email response to StarBizWeek.
“As the national exchange, Bursa Malaysia has in place measures and steps to ensure our infrastructure is protected against any cyber attacks,” it adds.
The distributed denial of service (DDoS) attacks since this week had targeted online stock trading systems by at least two companies, Excel Force MSC Bhd
and N2N Connect Bhd
.
Excel Force claims on its website that it has 90% of stock broking public gallery display system and 70% of electronic client ordering system market share in Malaysia.
“The attack did not penetrate our firewall and no data was compromised,” the firm tells StarBizWeek.
The firm said its data centre came under DDoS attacks on Wednesday and Thursday.
No fresh incident at Excel Force’s data centre was reported yesterday.
“We have put in place additional preventative measures to further safeguard our users,” the firm says.
But there is no clear indication on whether the attacks had stopped.
N2N Connect on Wednesday had informed its clients about the DDoS attack targeting online stock trading platforms, according to stockbrokers contacted by StarBizWeek.
“Some stockbrokers have also received emails demanding payments to avert further attacks,” one executive says.
The Securities Commission yesterday said that it had directed Bursa Malaysia and brokers “to be on high alert and implement necessary risk-mitigating measures” after it detected “several anomalies” this week.
So far, SC observes that there has been no significant disruptions in trading and the market continues to operate in an orderly manner.
The regulator, however, is taking the risk of further escalation of attacks seriously.
“SC is engaging multiple stakeholders including the brokers, infrastructure and service providers to ensure their cyber security capabilities remain resilient,” it says, adding that it is working closely with relevant agencies including the National Security Council and Malaysian Communications and Multimedia Commission to track cyber risks and manage any potential cyber security incidents.
DDoS attacks, among the most common on the Internet, involve cyber criminals using hijacked and virus-infected computers to overwhelmed targeted website with data requests.
Such attacks overload a website until it is forced to inhibit access or go offline.
They have become common tools for cyber criminals trying to cripple businesses and organisations with significant online activities.
Cyber attacks targeting online trading platforms in on the rise worldwide with similar incidents reported in recent months affecting businesses in Japan, Taiwan and Canada.
Last month, Japanese forex broker Kabu.com Securities, a subsidiary of Mitsubishi UFJ Financial Group Inc came under DDoS attack that crippled its operations for about half an hour.
This was on the back of an earlier attack on Canadian online trading firm Questrade.
In February, Taiwan Stock Exchange reported that several securities and futures firms in the country had experienced cyber attacks and at least 10 had been threatened with attacks if they did not pay blackmailers.
As the scale of cyber attacks become larger and more sophisticated, authorities are under increasing pressure to ensure investors are protected against future threats.
Bursa Malaysia said yesterday that has in place a comprehensive framework and controls in accordance to the Guidance on Cyber Resilience for Financial Market Infrastructure issued by IOSCO-CPMI and the Guidelines on Management of Cyber Risk issued by the Securities Commission Malaysia. In addition, Bursa Malaysia is also a member of the World Federation of Exchanges’ Cyber Security Working Group.
“As a critical national information infrastructure, Bursa Malaysia participates in the national cyber crisis and emergency readiness exercises coordinated by National Security Council and Cyber Security Malaysia,” it says.
Already a subscriber? Log in
Get 20% OFF The Star Digital Access
Cancel anytime. Ad-free. Unlimited access with perks.
