back to article Hackers steal trade secrets from major US hedge firm

Criminals have successfully attacked a hedge fund, delaying trades and stealing profitable secrets in a rare direct raid on the financial services sector, according to BAE Systems Applied Intelligence. The clever hack cost the unnamed US-based hedge fund millions of dollars over two months, the firm alleges. Attackers …

COMMENTS

This topic is closed for new posts.
  1. Destroy All Monsters Silver badge
    Trollface

    Henninger did not know if the hack was reported to the Securities and Exchange Commission [probably sleeping anyway] or FBI and noted that funb would have little incentive to do so.

    So who is funb? The board of fun?

    The unnamed company, which initially laughed off the disclosure,...

    They were still on the way to the bank. Probably with your money.

    1. A Non e-mouse Silver badge

      So who is funb? The board of fun?

      If only there was a link with every El Reg article where you could submit corrections such as these...

  2. A Non e-mouse Silver badge

    The assumption of espionage was given further weight because attackers added slight delays to the time between the issuance and execution of the victim's trades

    Personally, I feel all trades should have an minimum delay.

    1. Destroy All Monsters Silver badge

      Indeed. I hear some HST currently push money to the NYSE to get notified earlier than the rest of the world about what's rolling down the pipe. This ain't called doing business.

      From Krebsonsecurity:

      “So do you think this is legit, or is the guy trying to scare us?” the IT director asked in an email to KrebsOnSecurity.com, agreeing to discuss the incident if he and his company were not named. “He has sent me the logs for the connections to the infected server. I checked the firewall and am not seeing any active connections.”

      The hairs, they are pointy!

    2. Gordon 11

      Personally, I feel all trades should have an minimum delay.

      Or perhaps there should be a minimum time before you can sell what you've bought? To encourage trading on business performance, rather than network performance.

  3. Tromos
    Joke

    Bring me...a shrubbery

    Hedge firm attackers unknown? Obviously the knights who say 'ni'.

    1. Scott Broukell

      Re: Bring me...a shrubbery

      Me, I'm investing in garden centres - the fuchsias in garden centres.

  4. Warm Braw

    "Criminals"

    Just shows how the law can be topsy-turvy.

  5. keithpeter Silver badge
    Windows

    Cui bono?

    Those trades that occurred after the hack introduced the delay into the target company's system: who won them? Is there a pattern?

    I'd imagine there must be a way of raising this with an appropriate agency as the consequences of a free for all could be significant. Perhaps a 'discretion guaranteed' channel?

    The tramp: no bonuses for me

    1. Destroy All Monsters Silver badge

      Re: Cui bono?

      Nobody even ever found out who shortened United Airlines shortly before 9/11.

  6. Elmer Phud

    Delays are there to make money

    Some time ago there was (apparently) work done within BACs to see how fast a transaction could be made from anywhere to anywhere else on the planet

    When those from higher up were shown that nine seconds could be achived they asked if it could be made a tad longer to ensure transaction hung around long enough to be able to let third and other parties to make money.

    Ain't just the crooks that are doing time.

  7. Anonymous Coward 101

    Let's hope the bastards who committed this heinous crime rot in prison for the rest of their lives.

    1. Fatman
      FAIL

      RE: "rot in prison for the rest of their lives."

      Let's hope the bastards who committed this heinous crime rot in prison for the rest of their lives.

      That will NEVER happen. The bankers wankers OWN the gubmint.

  8. Anonymous Coward
    Joke

    What we really need...

    Is a 'tiny violin' icon...

  9. John Smith 19 Gold badge
    Holmes

    "Escalated to Board level"

    As opposed to all the other stuff that f**ks up staff lives but doesn't cost Directors bonuses.

    I have to ask, if are BAE saying they can't name them (because they are a client) or they really don't know who the company?

    In which case how do they know about it?

  10. david 12 Silver badge

    'secret sauce', 'trade secrets'

    Not by any ordinary meaning of the terms. Not even 'secrets' by any ordinary meaning of the term: market trading is done in public, in a public market, with the public.

    Writing as a person who created trade secrets, and the secret sauce, in the finance industry, I wondered if the miscreants had stolen trade secrets, or secret sauce, and if so, if they could possibly have made any money out of doing so, and if the victim could possibly have lost money from the theft.

    Reading the article, I see that the answers are No, and No: if any trade secrets were stolen, it didn't cost the firm anything, and didn't gain the thieves anything.

    The theft, the loss, the gain, came from front-running and the artificial delays. So a descriptive headline would have been something like:

    Hackers steal millions from major us hedge firm

    Hackers intercept trades from ..

    Hackers delay trades from ...

    Hackers re-route trades from ...

    Hackers inside-trade inside ...

    1. Anonymous Coward
      Anonymous Coward

      Re: 'secret sauce', 'trade secrets'

      Hackers save world from shady traders

  11. Nick Ryan Silver badge

    Right. So a "trader" in a virtual market that performs promisory non-transactional trades in this trust-based virtual market as quickly possible while making money from others that do the same claims to have lost some unverifiable virtual money because they weren't making these phantom transactions as quickly as they expected.

    Maybe I'm just too cynical but I've yet to find somebody who can genuinely explain just where the money (and value) is generated from these high speed non-transactional, trust based, non-interactive transactions on finite resources comes from.

    1. TheSkunkMonk

      Thats because it comes from nothing, making diamonds out of dirt only they got that cheeky that they don't use the dirt anymore.

This topic is closed for new posts.

Other stories you might like