UPDATE: Hong Kong Trading Halted by DDoS Attack

Thursday, August 11, 2011



UPDATE 8/11/11: Trading on Hong Kong’s stock market, Hong Kong Exchanges & Clearing, remains suspended today following a “coordinated and sustained” distributed denial of service attack on one of the exchange’s websites Wednesday. Several companies, including HSBC, China Power International and Cathay Pacific found their shares unavailable late Wednesday following the attack according to a report from BBC.

Source:  http://threatpost.com/en_us/blogs/ddos-attack-forces-hong-kong-exchange-site-offline-second-day-081111

*   *   *

The Hong Kong Exchange (HKEx) was forced to suspend some trading in the wake of a cyber attack on trading system websites.

HKEx officials at first attributed the disruption to "technical problems" and first released the following statement:

Hong Kong Exchanges and Clearing Limited (HKEx) announced today (Wednesday) that HKExnews website services are being interrupted due to technical problems. Contingency measures have been invoked until further notice to provide for the continued dissemination of issuers’ regulatory news.  

HKEx’s other systems are not affected and trading in its securities and derivatives markets continues to operate normally.

HKEx is now investigating the problem and the HKExnews website services will resume as soon as the technical problem is resolved.

Where can investors find issuers’ information?

As a result of the website service disruption, issuer documents submitted to HKEx for publication on the HKExnews website (www.hkexnews.hk) and the Growth Enterprise Market website (www.hkgem.com) may not be published on the HKExnews website.  

In addition, investors can refer to the temporary Bulletin Board (www.bulletinboard.hk) that lists all documents published by issuers following the website service disruption and refer to the issuers’ websites to view these documents.  Issuers’ website address can be found on the Bulletin Board.

Will trading of securities of individual issuers be suspended?

HKEx has adopted a half day (i.e. one trading session) suspension policy for issuers which announce price sensitive information during the lunch publication window today.  This trading suspension policy aims to give all investors sufficient time to understand the contingency arrangements and locate issuers’ announcements on their websites.   

Trading in an issuer’s shares will also be suspended if price sensitive information announcements are not timely posted on an issuer’s website and/or the headlines and document titles are not timely posted on the Bulletin Board. 

Notifications on suspension and resumptions will be published on the Bulletin Board.  AMS* Exchange News information pages will contain details of the suspension announcements.  The suspension / resumption announcement is also posted on individual issuer’s websites.

*The Automatic Order Matching and Execution System for HKEx’s securities market 

Additional Information

Exchange participants and information vendors are reminded to inform their individual clients about the above mentioned service disruption and contingency measures.

After a preliminary investigation, the source of the disruption was acknowledged to be a hacker attack that was preventing investors from having access to important corporate announcements used to make trading determinations.

"Our current assessment that this is a result of a malicious attack by outside hacking," said Charles Li, the chief executive of Hong Kong Exchanges & Clearing (HKEx).

HKEx officials later released a second statement:

Due to technical problems encountered at the HKExnews website (www.hkexnews.hk), the interim results announcement of Hong Kong Exchanges and Clearing Limited (“HKEx” or “the Company”) and its subsidiaries for the six months ended 30 June 2011 submitted by the Company at 12:44 pm today for publication on the HKExnews website may not have been publicly accessible.  HKEx Board of Directors announces that trading in the shares of HKEx on The Stock Exchange of Hong Kong Limited has been suspended with effect from 1:30 pm on Wednesday, 10 August 2011.

Without access to the important lunch hour announcements, HKEx officials decided to implement an emergency half-day trading contingency.

Officials indicate that critical systems involved in the actual trades themselves were not affected by the attack. Nonetheless, the event was a first for the Hong Kong exchange.

"It was the first time for a suspension due to such a kind of technical problem and one involving so many companies," said the chief dealer at Cheer Pearl Investment in Hong Kong, Alfred Chan.

While the attack is considered to be an unsophisticated operation targeting "low hanging fruit" - vulnerabilities that are common and easily exploited - there should be significant concern that such a major disruption could so easily be undertaken.

The attack demonstrates that financial systems remain highly susceptible to interruptions from cyber attacks.

Source: http://ca.news.yahoo.com/hk-exchange-trading-disrupted-hackers-target-website-112104764.html

Possibly Related Articles:
Vulnerabilities Cyber Security Attacks Headlines Financial hackers Stock Trading Hong Kong Exchange HKEx
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.