STOCKBROKERS across the region have raised their defences after several cyber attacks on online trading systems in the past week.
Among the measures taken are to allow clients to make transactions on the phone or use alternative “clean pipes” to filter trading to ensure only genuine orders go through.
Since last Wednesday, many stockbrokers have been hit by distributed denial-of-service (DDoS) attacks. So far, most brokerages have been able to shut down their systems when they are under attack and revert to traditional ways of conducting transactions.
“That is until they get clean pipes to start the online trading,” one Malaysian broker said. “So far there is no financial impact [but] it slows down transactions a little.”
Overwhelming IT systems
The attacks involve cyber criminals using hijacked or virus-infected computers that target brokerage websites and pump in an extraordinarily high number of orders, overwhelming IT systems to the point where they are unable to function.
A stockbroker said it was fortunate that the number of transactions conducted online in the region was still relatively small.
“For instance, in Malaysia online trading is only about 20 per cent of total trade – unlike in Hong Kong, South Korea or Japan where the online trading volume is high,” said a broker.
The broker added that stock brokerages in more advanced financial centres such as Hong Kong have been under cyber attacks for the past few years and these have increased.
According to a report in January this year, firms in mainland China and Hong Kong encountered a 969 per cent increase in such attacks between 2014 and 2016.
However, so far there has been no report of brokers giving in to the demands of the cyber groups attacking their systems.
“Like many other industries, stock brokerages simply need to increase their protection of IT systems,” said a broker.
The broker said that clean systems could filter genuine orders from fake ones, but their capacity to do so may be limited.
A spokesperson from another brokerage said that clients could be charged marginally higher rates when placing share orders through phones. “However most brokerages are not charging any extra fees, as volume on Bursa Malaysia has been low,” he said.
In terms of trading volume on the Malaysian exchange, total turnover on Wednesday, when the attack began, was 1.49 billion shares worth 1.69bn ringitts (Bt13.42bn), compared with 1.9bn shares valued at 1.8bn ringgits on the day before the attack.
The Malaysian Communications and Multimedia Commission said it was assisting the stock exchange in investigating the disruption caused by cyber attacks.
The Securities Commission (SC) said in a statement on Friday that it was closely monitoring potential cyber incidents, adding that the management of cyber security risk remains a high priority.
An SC spokesperson said it has also requested market participants to remain vigilant. The SC said it had detected several anomalies and directed Bursa Malaysia and brokers to be on high alert and implement necessary risk-mitigating measures.
The spokesperson said it had noted no significant disruption in trading, and the market continued to operate in an orderly manner. The SC added that it was working closely with relevant agencies to manage potential cyber security incidents.