A 2018 poll done by the Investment Adviser Association found over 80% of advisors think cybersecurity is their top compliance challenge. The Investment Advisor’s latest survey of independent broker-dealer executives revealed that nearly 70% see cybersecurity as their greatest long-term technology concern.
Why the concern?
Hackers are using distributed denial-of-service (DDoS) attacks in an attempt to manipulate stock prices, lower the target's stock or currency value, and temporarily block trading.
Big banks like Wells Fargo and JP Morgan Chase have had their customer websites slowed or even blocked at times. These cases aren’t new. The 2014 Sony attack was not a first. Using the Sony hack as a starting point led to connections to a number of other attacks.
These hacks are the work of a prolific group that goes by the name ‘Lazarus Group.’ Their first activity involved three dozen US and South Korean websites in 2009. Changing their methods and developing new techniques, these hackers occasionally grew more destructive.
These hacks were so strong that they managed to wipe out Sony’s servers, steal terabytes of data, and ultimately bring the entertainment giant to its knees. Peter LaMontagne, CEO of Novetta, told The Wire that the ‘nature of the attack’ shows that ‘perpetrators of this were well-organized and well-resourced’.
The researchers found that the malware arsenal used by Lazarus includes families of remote-access trojans, keystroke loggers, installers and uninstallers, spreading mechanisms, DDoS botnet tools, and the hard drive wipers used in striking Sony.
These hackers took credit for a 6% slide in the share price of Sony following an attack on the PlayStation Network. Their attacks have hurt industries in the US, South Korea, Taiwan, China, Japan, and India. They infiltrate the government, media, military, aerospace, financial, and critical infrastructure sectors.
It is entirely possible that the numerous attacks attributed to the Lazarus Group were conducted by a number of groups rather than a single group. However, it is interesting to observe Novetta saying that the goals and the “tools, methods, taskings, and even operational duties” are similar.
The most prominent of these attacks were ignited on Capitol Hill on the fourth of July, which prompted one lawmaker to urge President Obama to use a “show of force” against North Korea.
The latter struck in March 2011 and targeted South Korea’s media, financial and critical infrastructure.
Perhaps the most fascinating of the Lazarus operations came in March 2013, with the DarkSeoul attacks. The attacks targeted 3 of South Korea’s broadcasting companies, several banks and an ISP. The attackers used a logic bomb to wipe the hard drives of the computers at a specific date and time, halting the use of ATMs for a while.
What makes these hackers difficult to recognize is their multiple identities and a certain amount of disinformation, which make it hard to find relations between these attacks. Hence, the job of the security research company is much more complex.