Around half of the world’s securities exchanges were the target of cyber attacks last year, according to a paper based on a survey of 46 exchanges.
The prevalence of attacks along with the interconnected nature of the markets creates the potential for widespread impact, said the joint staff working paper by the International Organization of Securities Commissions’ (IOSCO) research department and the World Federation of Exchanges Office. (Link to the report:)
“There could be systemic impacts … from cyber attacks in the securities markets, especially considering that our financial system is relying more and more on technological infrastructure,” the report’s author, Rohini Tendulkar of the IOSCO Research Department, said in an interview.
Among the exchanges surveyed, 53 per cent said they experienced a cyber attack last year. The most common forms were Denial of Service attacks, which seek to disrupt websites and other computer systems by overwhelming the targeted organizations’ networks with computer traffic, and viruses.
Other forms of cyber crimes reported by the exchanges included laptop theft, website scanning, data theft, and insider information theft. None of the exchanges reported financial theft as part of the attacks.
“Cyber crime also appears to be increasing in terms of sophistication and complexity, widening the potential for infiltration and large-scale damage,” the report said, adding that a major attack could result in widespread public mistrust and a retreat from the markets.
In Britain, worries over hacking and other cyber attacks have pushed aside the euro zone crisis as the top risk for that country’s banks, a senior Bank of England official said last month.
There is limited data on the costs of cyber-crime to securities markets, but the paper said a number of studies have looked at the costs of cyber crime to society as a whole, with estimates ranging between $388 billion to $1 trillion.
The exchanges in the survey said the direct and indirect cost of cyber attacks cost them each less than $1 million last year.
The lack of widely available insurance against cyber crime adds to the risk, as nearly four in five exchanges would have to bear the costs of a major attack themselves, the survey found.
The 58-page report said the survey of exchanges was the first of a series of surveys on cyber crime across different types of securities market actors.
Image Credit: Emilio Guerra