Federal authorities have shut down a ring of hackers who used techniques such as phishing to infiltrate newswire services to gain access to corporate press releases.
Homeland Security Secretary Jeh Johnson briefs the press, flanked by U.S. Attorney Paul Fishman and SEC Chair Mary Jo White.
The indictment alleges how the hackers users used phishing to infiltrate the newswire services and how they used anti-forensics to evade detection for five years. Using these press releases, the criminals were able to quickly place trades before the public had access to the information. For example, the SEC alleges:
At times, the hackers and traders had a very narrow window of opportunity to extract and use the allegedly hacked information. In one particularly dramatic instance on May 1, 2013, the hackers and traders allegedly moved in the 36-minute period between a newswire’s receipt and release of an announcement that a company was revising its earnings and revenue projections downward. According to the SEC’s complaint, 10 minutes after the company sent the still-confidential release to the newswire, traders began selling short its stock and selling CFDs, realizing $511,000 in profits when the company’s stock price fell following the announcement.
Remediation is nice and catching bad guys is good. But that takes a long time during which a lot of harm can occur. The need to protect against phishing is clear.