Hedge Funds find they can't keep cyber attacks privet any longer. Ain't life a beech?
via Flickr © Simon Cunningham (CC BY 2.0)
It has belatedly been revealed that, back in January 2013, a US-head-quartered hedge fund was the subject of a serious cyber attack, thought to have originated in Eastern Europe, during which the fund's "high-speed" trading accounts (where a few microseconds can make the difference between big profits and big losses) were breached and highly sensitive data stolen. According to the UK-based cyber security company, BAE Systems Applied Intelligence, the attack went undetected for two months and is said to have cost the unnamed hedge fund "tens of millions of dollars".
For decades now there have been anecdotal tales circulating to the effect that the hacking of financial systems is relatively commonplace and frequent but, hitherto, financial institutions have preferred to keep schtum about such events, paying off or declining to prosecute the hackers whilst pretending to the public that all is well in an effort to buoy confidence in a battered and mistrusted sector. That's why the BAE Systems Applied Intelligence revelation is interesting. It is a straw in the wind and an indication that the case in point is just one attack amongst many and that the sector is slowly coming round to the idea that it might be a rather more sensible strategy to be transparent and front-up to the problem rather than to continue to obfuscate, deny and prevaricate. However, the cynical amongst you will note that the apparent change of heart comes as other financial institutions, government departments and strategic industries around world are also beginning to admit that they are the subject of ongoing ever more sophisticated cyber attacks.
Not out of the dogwoods yet
That said, Bloomberg News contacted several massive, but not publicly-traded hedge funds in and around New York City and each and every one of them declined to comment - so some things haven't changed that much.
Believe it or not, even the swashbuckling, free-booting, "to hell with the hindmost' ultra-capitalist hedge fund sector, which is worth US2.7 TRILLION, has a sort of trades union, or at least a representative body. It is called 'The Managed Funds Association' (MFA), and the its president and CEO, Richard Baker, says, "Firms are intently focused on identifying emerging threats and employing the newest, best mitigation techniques". He adds, "Several of our members members have made sizable resource commitments" to help ensure network security. He won't say who they are though nor is he keen to acknowledge that changes are being brought about as much by increasing regulatory and legal pressures as they are by a sudden Damascene conversion to transparency on the part of the hedge funds themselves.
Meanwhile, an ex G-Man, former FBI assistant director Shawn Henry, who is now a computer systems security expert in the private sector says, "This is a broad attack against the financial services sector and millions of dollars have been stolen from multiple hedge funds over the last five years".
Of course, the reason that hackers break into financial systems is to steal money but that doesn't necessarily mean a straightforward fraudulent transfer of financial assets. The hackers also infiltrate the systems to gain knowledge about comms networks and their weak spots and to get hold of sensitive information that can be used to make big profits on the legitimate stock market.
Time to box clever
What's more the cyber attackers may well be able to garner so much information as to be able potentially to bring down the the networks upon which the entire global financial system depends. It hasn't happened yet. But it could, and soon.
And then there's the little matter of state-backed and state-sanctioned hacking attacks with China and Russia frequently cited as being the prime instigators of massive cyber warfare aimed at destabilising the financial (and other important industrial) sectors of the West.
The general public remains contemptuous and dismissive of the seemingly unaccountable and secretive hedge funds that helped tip the world into recession back in 2008. Indeed, millions of people regard them in much the same way that Oscar Wilde thought of the mawkish, over-the-top description of the death of the character Little Nell that Charles Dickens wrote in "The Old Curiosity Shop" As Oscar said, "You would need to have a heart of stone not to laugh", and few of us in the real world will have much sympathy if greedy hedge fund investors and managers come a cropper and find themselves unable to but that extra truffle of a weekend.
But, that said, cyber crime is now recognised as being one of the greatest threats to industrial sectors, the stability of global markets and an even of governments and the nation state. It behooves us to treat the whole thing very seriously - and even tempering our schadenfreude where hedge funds are concerned. But it's hard.