Hackers hit Hong Kong traders' websites

PUBLISHED : Tuesday, 03 July, 2012, 12:00am

UPDATED : Tuesday, 03 July, 2012, 12:00am

Promotions

SCMP invites you to attend LONGINES HONG KONG MASTERS 2015

WIN FREE MOVIE TICKETS TO WATCH MORTDECAI

Hong Kong police are looking for more potential victims after 16 local investment and trading companies' websites, with a combined estimated daily trading volume of HK$44 billion, were compromised by mainland computer hackers.

Police said six men from Shanghai, Hunan and Hubei were arrested in a joint operation by Hong Kong and mainland police on June 20 for launching 'distributed denial of services attacks' - which swamp targeted websites with vast amounts of data - and blackmailing their victims for a total of 460,000 yuan (HK$563,000).

Police believed there could be more unreported victims and appealed to them to come forward.

Wang Xiaoyang, from the mainland's Public Security Bureau internet safety protection department, said: 'Every successful attack not only caused great losses to the company, but also affected the stability of Hong Kong's financial system.'

The Hong Kong Police Technology Crime Division received reports between February and June about the attacks on 16 gold and silver investment and securities trading companies and the Chinese Gold and Silver Exchange Society.

Fifteen of the companies were blackmailed for 30,000 yuan to 100,000 yuan. Four companies transferred 290,000 yuan to the attackers' mainland bank accounts. The identities of the 16 firms were not disclosed.

Roy Ko Wai-tak, manager of the Hong Kong Computer Emergency Response Team Co-ordination Centre, said the denial of service attacks had become more popular in recent years as a way of extorting money from financial institutions.

'In the past, we talked about computer viruses or hacking,' Ko said. 'This is not a real hacking - it just makes your computer unable to operate normally as it tries to process meaningless data.'

He said more companies had been offering data-scrubbing services to filter out malicious data before it reached websites and more firms had become aware of the threat since last year's hacking of the Hong Kong stock exchange's regulatory disclosure site.

Police found that overseas hackers orchestrated that attack, which crashed the HKEx website and forced the suspension in trading of seven companies with a combined market value of HK$1.5 trillion. They included HSBC, Cathay Pacific and HKEx itself. Trading was also halted on a debt security and 419 warrants and derivatives linked to the suspended stocks.

187m

The number of identities exposed worldwide last year through hacking attacks, according to software firm Symantec