Businessman arrested for HKEX hacking

PUBLISHED : Saturday, 20 August, 2011, 12:00am
UPDATED : Saturday, 20 August, 2011, 12:00am
 

A 29-year-old businessman has been arrested in connection with the cyber attacks on the Hong Kong stock exchange's website last week.

The suspected hacker was taken into custody on Thursday after police raided his home in Yuen Long and the IT company he owns in Kwun Tong, where 17 computers as well as two mobile phones and five digital storage devices were seized.

'It is not too much of an overstatement to say that he is a computer expert,' said a senior police officer, who spoke on condition of anonymity.

'We believe we have got the right man. Whether the man took part [in the attacks] to show off his ability or he had some other dishonest intent, we still need to investigate. We do not rule out that there will be further arrests.' The suspect was still being held for questioning yesterday.

Superintendent Chiu Sau-mee of the commercial crime bureau's technology crime division said her officers had identified the suspect after scouring computer records obtained from the stock exchange after the first attacks on Wednesday last week.

'We arrested the man in Kwun Tong for the offence of access to computers with dishonest or criminal intent,' said Chiu. Police said they were still investigating the motive for the attacks, and whether the suspect had acted on his own or whether he was only 'one point' in a network.

Investigations so far indicate that the hacking was from a network of computers based overseas, including Russia, the mainland, Korea, Japan and Singapore. Investigators are still trying to track down the source of the command. Under section 161 of the Crimes Ordinance, accessing a computer with criminal or dishonest intent carries a term of five years' jail.

Thursday's arrest came at least eight days after the stock exchange reported that hackers had broken into HKEXnews.hk. The attacks came in the form of a so-called distributed denial-of-service attack. Such attacks aim to prevent access to a website by overwhelming its capacity to handle website traffic.

The exchange's website was shut and trading in seven firms - with a combined market value of HK$1.5 trillion - which were due to make announcements via the website had to be suspended for half a day.

The firms included HSBC, Cathay Pacific Airways and HKEx itself. Trading was also halted on a debt security and 419 warrants and derivatives linked to the suspended stocks. It was the first time that stocks had been suspended because of a cyber attack. Press reports said the website had been under attack for three days in a row. But trading resumed on Thursday last week and a backup website, bulletinboard.hk, set up.

HKEXnews.hk is the exchange's official site for all regulatory filings and disclosure announcements by its 1,463 listed firms. This covers 5,712 securities of other types, including warrants, derivatives and bonds.

The suspension sparked a heated debate on HKEx suspension policies. Critics said the exchange overreacted because investors could still access information on the websites of the companies concerned.

Share

 

Send to a friend

To forward this article using your default email client (e.g. Outlook), click here.

Enter multiple addresses separated by commas(,)

For unlimited access to:

SCMP.com SCMP Tablet Edition SCMP Mobile Edition 10-year news archive