Could the stock market ever be hacked?

Millions of Americans rely on the stock market as their primary wealth creation tool. Without them, the “American dream” would be even more inaccessible than it is today.

People have an incredible amount of trust in the stock market. Consequently, investors need to believe that Wall Street is well protected – if you buy a stock it can go up or down, of course, but it could never disappear from your account or let vicious actors manipulate its price.

But let’s just ask: could the stock market ever be hacked?

And the short answer is yes.

More from US News:
Do you really need to warm up before training?
Does exercise make you hungry or suppress your appetite?
People have 8 revelations during training

Despite the shortcomings, there are strong protective measures. First off, don’t go out and sell all of your stocks. The exchange has serious safeguards in place to prevent any kind of “hack” or fraudulent fiasco by hostile actors.

“A hack can cause a temporary outage. However, fraud or operational errors on the exchange are handled by the participants or covered by the brokers and their insurance companies,” said Philip Lieberman, president of Lieberman Software in Los Angeles.

“If there is an irregularity, the exchange is simply closed,” says Lieberman. “This has happened several times and does not cause panic. The exchange will reopen when everyone has calmed down.”

Penny stocks, pink sheets, and unregulated exchanges are a different story. “In general, if there is fraud on an unregulated exchange, it’s bad news for everyone involved. You bought the ticket and you’re going to the end,” says Lieberman.

Despite all the protections that the largest exchanges offer, they don’t always work smoothly.

Just look at the infamous “Flash Crash” of 2010, in which the Standard & Poor’s 500 index lost around 9 percent in a matter of minutes and then gained again to remember that the market is not immune to serious hiccups.

More recently, on the evening of July 3, stock prices rose for Amazon.com (ticker: AMZN), Alphabet (toget, togetL), Microsoft Corp. (MSFT), Apple (AAPL) and other tech stocks magically hit $ 123.47, which seemed to suggest that AMZN and toget were down 87 and 86 percent, respectively. No trades were made at these prices and their correct values ​​were soon displayed again.

At the end of the day, however, these cases were all essentially mishaps; besides, they were brief and corrected almost instantly.

If you don’t find this too comforting, consider the following: The exchange is not connected to the internet, rendering one of the most ubiquitous and effective scam techniques completely powerless.

Go phish. Phishing scams, usually email campaigns where attackers pretend to be an authoritative entity that you know and trust, are both popular and effective.

Mike Sanchez, United Data Technologies chief information security officer, says his company frequently tests enterprise security systems to identify and remediate breaches.

“We did a commitment for a financial institution just last week. They gave us a list of 500 employees,” says Sanchez via email. “75 percent of them clicked a link asking for their user ID and password – and gave it to them.”

Since the major exchanges operate on their own offline networks, phishing just wouldn’t stop it from happening.

Unique ways to “hack” the stock market. Russia attempted to partially rig the 2016 elections by using botnets to pump fake news on social media. The same method could be used “to manipulate the high-speed trading algorithms and convince them that there is a problem with a company that would cause a brief crash,” said Andrew Howard and chief technology officer at Kudelski Security.

“Attacks on sources of information like the AP’s Twitter account can quickly impact stock prices,” said Nathaniel Gleicher, head of cybersecurity strategy at lllumio and former director of cybersecurity policy under President Barack Obama.

Equal does not draw this example out of nowhere. In 2013, hackers got access to the Associated Press Twitter account and tweeted, “Breaking: Two White House Blasts and Barack Obama Wounded.”

That tweet, sent at 1:07 p.m., caused the Dow Jones industrial average to immediately drop 150 points, although the losses were quickly recovered when the hoax was unraveled. In that short time, however, stocks lost over $ 130 billion in market value.

A low probability, high impact scenario. While algorithm manipulation is a problem, the major exchanges have “breakers” that stop trading at certain vulnerabilities when they get too out of hand. For example, if the New York Stock Exchange falls 7 percent in one day, trading will cease. It stops again at 13 percent and again at 20 percent. And if fraud was going on, all questionable deals would be reversed.

A large-scale attempt to infiltrate the stock market would have to be different. And despite the offline exchange, all security systems have advantages and disadvantages.

The main disadvantage of such a closed system is not the technology, but the people. “It would be much more worrying if an intruder could” linger “on the trading network for weeks or months and subtly manipulate trades,” says Gleicher.

When contacted, a NYSE spokeswoman declined to comment and similar requests to a Nasdaq representative were not returned.

However, there is a precedent for a large-scale attack on the American company, the success of which was based on human error.

In 2013, hackers obtained up to 40 million credit and debit card numbers from Target Corp. customers. (TGT) stolen. The attackers were able to gather this incredible amount of information because their malware has been “lingering” in Target’s data centers for some time.

“I think an average of 74 days – and all it did was scan and collect information,” says Sanchez.

According to Sanchez, the hackers were able to physically access Target’s data center, where they allegedly left USB devices with malware lying around.

“Someone, probably an employee, put it in their PCs,” says Sanchez.

If sticking a random pen drive into your computer is a bad idea, this is it. But apparently that’s not unusual at all. “We see this all the time,” says Sanchez.

Sanchez believes a large-scale stock market attack would “absolutely” work the same way. “That’s how I would do it.”

Forty million compromised credit and debit cards is an astounding amount of financial fraud, but if an attacker has somehow been able to “dwell” in the financial system and manipulate trades, it will affect the stock market, which is home to tens of trillions of dollars of wealth – is literally unfathomable.

“Trying to mitigate the impact could send shock waves through the financial system as regulators grapple with dealing with innocent deals based on manipulated stock values. It would take a lot of money and time,” says Gleicher.

Comments are closed.