KUALA LUMPUR: Service at several local online brokerages here was disrupted after what is believed to be an attack by hackers demanding money, the second strike since Wednesday.
This comes just weeks after malware WannaCry and NotPetya – used to encrypt the files of infected computers and hold the owners to ransom – crippled hundreds of businesses worldwide.
However, this time, it was a distributed denial of service (DDos) attack.
The Malaysian Communications and Multimedia Commission (MCMC) is looking into reports of suspected cyber attacks disrupting online trading at the brokerages.
The regulator said it was helping the stock exchange to investigate the disruption, a report by Nikkei Markets said yesterday.
This was after several brokerages informed clients that their online broking services had been disrupted by the suspected cyber attacks once again after a similar disruption on Wednesday.
Jupiter Securities Sdn Bhd was among the broking companies affected, and sent out an e-mail to clients to update them.
An earlier notice from N2N Connect Bhd, which provides core trading solutions to local stockbroking firms, alerted brokers to a DDos cyber attack threat on Wednesday.
“This morning – July 5, 2017 – we witnessed a coordinated cyber attack known as DDos (distributed denial of service) targeted at Malaysian brokers.
“It started at one data centre at 8.30am until 10.30am and later, the other centre was attacked.
“This attack was aimed at broking houses. A further check with brokers not on our panel confirmed that they too experienced similar disruption at the said time,” N2N Connect said in the notice.
The company said the affected brokers were blackmailed via e-mail, allegedly from a cyber-group seeking payment to avert an attack that could crash their trading websites.
“If the ransom is not paid in the allotted time, the ransom would increase and the targets would face large-scale and persistent multi-vector attacks,” it said.
Another service provider, Excel Force MSC Bhd, said its data centre experienced an outage of about one hour as a result of the DDoS attacks.
“The attack did not penetrate our firewall and no data was compromised,” the company said in a statement, adding that it had put additional preventive measures in place.
It is learnt that one local brokerage temporarily blocked all foreign traffic from accessing its online trading system as a temporary security measure.
When contacted, Bukit Aman Commercial Crime Investigation Department director Comm Datuk Acryl Sani Abdullah Sani said the matter was being fully investigated by the MCMC.
Bursa Malaysia said the attacks did not cause any disruption on the stock exchange.
“As the national exchange, Bursa Malaysia has in place measures to ensure our infrastructure is protected against any cyber attack,” the stock exchange operator said in a statement to StarBizweek.
A Japanese forex broker also faced a similar DDos attack last week.
In May, WannaCry reportedly hit 99 countries, affecting the computer networks of Britain’s National Health Service, Russia’s interior ministry and international shipper FedEx, among others.
About a month later, NotPetya infected several sectors in 13 countries, including the government, energy, transportation, communication, healthcare and banking sectors.
The attacks prompted both the National Security Council and CyberSecurity Malaysia to issue an alert.
Online trading systems targeted
Hackers part of Armada Collective, says IT security specialist