Good reporting on Bloomberg about a criminal enterprise that had hackers break into the news wire services and then share those details for trading ahead of their release. See the links below for the full details, but I want to highlight two areas of prevention that could/should have mitigated/prevented/discovered this attack:
- Mandatory system refreshes within the environment – It is very common these days for end-user and server support systems to be refreshed periodically (I see in some organizations end-user systems are refreshed annually up to every 3 years and server support systems refreshed as frequently as every 15 minutes up to a year). For the attackers to have remained so entrenched in such a cycle, there would have to have been other ‘tells’ that the environment was compromised.
- Vendor / Third-party security requirements – If you are a business and rely upon a third party, you must establish and ensure sufficient security practices are in place. If you do business with Amazon Web Services you can dive into tremendous detail on what they are doing to protect you, and what your duty is. For providers such as news wires, the same vigilance and attention is required. This is not simple, and it is work to get this level of detail. If you are trusting them with your sensitive information, though, it must be worth it.
There are many other actions that could be taken and I’d love to grab a coffee with friends to discuss … but in the meantime, check out the highlighted quote below and article:
Ukraine hackers…allegedly infiltrated the computer servers of PRNewswire Association LLC, Marketwired and Business Wire, a unit of Warren Buffett’s Berkshire Hathaway Inc.
Over several years, they siphoned 150,000 press releases including corporate data on earnings that could be used to anticipate stock market moves and make profitable trades. The hackers passed the information to their associates in the U.S., who allegedly used it to buy and sell shares of dozens of companies, including Panera Bread Co., Boeing Co., Hewlett-Packard Co., Caterpillar Inc. and Oracle Corp., through their retail brokerage accounts.