Credit: © User:Colin/Wikimedia/CC-BY-SA-4.0

Hackers used stolen press releases to make $100m

US authorities have charged hackers with stealing market updates and profiting to the tune of $100m.

by Jack Torrance
Last Updated: 19 Aug 2015

Once focused on stealing credit card information and defrauding banks, hackers nowadays are looking at more intricate ways to make a buck. The world got a glimpse of that last night when the FBI and Securities Exchange Commission (SEC) said they had arrested a group of cyber criminals accused of stealing secret information about listed companies and using it to game the stock markets.

The hackers allegedly broke into the systems of three corporate news wires (PR Newswire, Marketwired and Business Wire) and stole unpublished press releases about businesses' performance. Journalists used to being deluged by these services might be amazed to discover they were worth anything at all, but the hackers passed these on to traders who were able to use the edge they had on the market to make a total profit of more than $100m (£64m). Nine of the accused were criminally charged by the FBI and accused of making $30m, while a further 23 were the subject of civil lawsuits by the SEC. 

'This cyber hacking scheme is one of the most intricate and sophisticated trading rings that we have ever seen, spanning the globe and involving dozens of individuals and entities,' said Andrew Ceresney, director of the SEC’s enforcement division.

The audacity of the scheme is pretty remarkable. The conspirators were allegedly able to begin making trades just 10 minutes after the information was received by the newswires and hackers even created a video tutorial to help traders view the information.

The episode also highlights the increasing threat posed to businesses by cyber crime. In this case it was the hacked news wires rather than the corporations themselves that were left red-faced, but it's clear to see that hackers aren't just interested in stealing money.

Last month, for instance, computer security firm Symantec identified a group it calls Butterfly, that it says has carried out dozens of financially-motivated attacks against major corporations including Apple, Microsoft and Facebook, and even pharmaceutical firms, in a bid to steal corporate secrets and intellectual property.

'This group operates at a much higher level than the average cybercrime gang,' Symantec said. 'It is not interested in stealing credit card details or customer databases and is instead focused on high-level corporate information. Butterfly may be selling this information to the highest bidder or may be operating as hackers for hire.'

The likes of Symantec are always saying business leaders need to take cybersecurity more seriously. While they obviously have a vested interest in that happening, this latest news shows that they've definitely got a point.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

A mini case study in horizon scanning

Swissgrid has instituted smart risk management systems for spotting things that could go wrong before...

Interview ghosting: Stop treating job seekers like bad dates

Don’t underestimate the business impact of a simple rejection letter.

5 avoidable corporate disasters

And the lessons to learn from them.

Dressing to impress: One for the dustbin of history?

Opinion: Businesswomen are embracing comfort without sacrificing impact. Returning to the office shouldn't change that....

How to motivate people from a distance

Recognising success in a remote or hybrid environment requires a little creativity, says Insight SVP...

What pushy fish can teach you about influence at work

Research into marine power struggles casts light on the role of influence and dominant bosses...