Team 12 Trading Computer Attack


   C. Trading computer
      1. Making trades inappropriately.

--Cmckenzie 11:39, 21 October 2005 (PDT) [Maybe interesting to think about, but disregard this comment to some extent - reread the question and it is specifically about computer used to trade stocks on NYSE] The cost of this is going to depend on what can be traded. For example, making inappropriate futures contracts would probably allow an incredibly large loss to be made, though there would be a strong argument that such contracts wouldn't be legally binding, meaning the outcome was only a small loss of efficiency within the market. If contracts can be made and (4) is done too, then, maybe, bigger trouble. That said, trades happen at two endpoints and are centrally recorded on exchanges, so it may be difficult to kill off the records. Also, if the attacker can cover their steps sufficiently well, the institution may be unable to prove that the trades were executed without authorisation.


--Chris DuPuis 23:34, 23 October 2005 (PDT) Divide this into buying stock and selling stock.

Hurt confidence: Any of these attacks could be used to reduce public confidence in the trader, and ultimately in the stock trading system, if used in enough high-profile cases. The greatest possible damage of any of these attacks is that investors will lose confidence in the stock trading system, leading to a stock market collapse. (This is the James Bond scenario.)

Buying stock: Could be an attack on the finances of the investor or the trader. It could also be a means to funnel money to other parties (including terrorists), either directly to the seller of the stock (maybe an IPO company), or indirectly by temporarily raising the price of the stock.

Selling stock: Could be used to decrease the price of a target stock (make unsuspecting shareholders sell off their shares).


      2. Failing to make trades when requested

--Chris DuPuis 21:32, 21 October 2005 (PDT) One possible motivation for failing to make trades would be to undermine investors' confidence in the trading house. If the Schwab computers reported errors whenever a particular large customer tried to make large trades, that customer would be unlikely to remain with Schwab for long.

Also, a program that introduces delays into transactions (which would be easily hidden in the background of unpredictable delays inherent in Internet processing) could be written. Such a program could delay particularly significant transactions for a few seconds, and signal a remote program that the transaction was about to take place. With the knowledge that a major trade was imminent, this remote program could buy (or sell) stock to profit from the inside information. (The signal could be something as untraceable as buying an unusual number of shares of some unpopular stock.)

      3. Reporting incorrect information.

This and #4 are both part of the same issue: rather than following the correct protocol for buying and selling, even when doing so inappropriately, an attack could break the protocol, causing the buyer to "forget" that it owns stock, or the seller to "forget" that it has already sold a stock. As Cameron notes below, this would undermine property rights.

      4. Failing to store records of trades

--Cmckenzie 11:39, 21 October 2005 (PDT) This is an interesting idea. Managing to undermine property rights within a trading system would be potentially very destructive. Interestingly, I have a contact with a risk management guy at a large-scale funds management and consulting group, who told me that they keep more paper records than you would guess despite automatization, to fight this very problem.
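
Added example (not part of the original discussion): because trades are also recorded centrally on the exchange, a trading house can reconcile three independent sources to detect each of the four cases listed above. The record layout, the shared `trade_id` key and all sample data are assumptions constructed for illustration.

```python
from collections import namedtuple

# Hypothetical record layout; assumes all three sources share a trade_id.
Trade = namedtuple("Trade", "trade_id account side symbol qty")

def reconcile(orders, ledger, exchange):
    """Cross-check customer orders, the trading computer's own ledger and
    the exchange's independent record. Returns trade ids per finding."""
    o = {t.trade_id: t for t in orders}
    l = {t.trade_id: t for t in ledger}
    x = {t.trade_id: t for t in exchange}
    return {
        # Item 1: executed on the exchange but never requested.
        "unauthorized": sorted(x.keys() - o.keys()),
        # Item 2: requested by a customer but never executed.
        "not_executed": sorted(o.keys() - x.keys()),
        # Item 3: stored locally, but details differ from the exchange.
        "misreported": sorted(i for i in x.keys() & l.keys() if x[i] != l[i]),
        # Item 4: executed on the exchange but absent from the local ledger.
        "missing_record": sorted(x.keys() - l.keys()),
    }

# Constructed sample data (not real trades).
ORDERS = [
    Trade("T1", "acct-A", "buy", "ACME", 100),
    Trade("T2", "acct-A", "sell", "ACME", 50),
    Trade("T3", "acct-B", "buy", "XYZ", 10),
    Trade("T5", "acct-B", "buy", "XYZ", 20),
]
EXCHANGE = [
    Trade("T1", "acct-A", "buy", "ACME", 100),
    Trade("T2", "acct-A", "sell", "ACME", 50),
    Trade("T4", "acct-A", "sell", "ACME", 5000),  # nobody ordered this
    Trade("T5", "acct-B", "buy", "XYZ", 20),
]
LEDGER = [
    Trade("T1", "acct-A", "buy", "ACME", 100),
    Trade("T2", "acct-A", "sell", "ACME", 500),   # quantity altered locally
    Trade("T4", "acct-A", "sell", "ACME", 5000),
    # T5 was executed but never stored locally
]

if __name__ == "__main__":
    for finding, ids in reconcile(ORDERS, LEDGER, EXCHANGE).items():
        print(f"{finding}: {ids}")
```

The check is only as trustworthy as the independence of its inputs: if the order log and the ledger both live on the compromised trading computer, only the exchange record (or a paper trail) anchors the comparison.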