Hackers bombard gold exchange
Anita Lam and Toh Han Shih
Police are investigating a cybercriminal attack on Hong Kong's Chinese Gold & Silver Exchange in the past two weeks, part of a growing number of 'distributed denial of service' attempts across the city.
The attack on exchange members was one of 11 such incidents since the beginning of the year, the same number of cases reported for the whole of last year, a Hong Kong police spokesman said.
During the attacks, which the exchange reported to police on March 16, hackers posted false rumours online about exchange members and prevented clients from accessing the online trading systems of members, said exchange chief executive Haywood Cheung Tak-hay. After the attacks, the hackers threatened members with more severe attacks unless they paid at least HK$100,000.
The exchange is adding software to its IT systems to screen out potentially risky e-mails to prevent cyberattacks, he said.
Cheung said the recent attack was the most serious the bourse had suffered to date. Its 172 members are mainly gold traders and goldsmiths.
'Eight members of the exchange suffered these cyberattacks in the last two weeks,' said Cheung.
'Before that, we had minor attacks targeting one or two members. For the past two weeks, these attacks have been severe. I think the attacks are organised, that's the problem.' He said that the attacks probably originated from China, Australia and New Zealand.
'It looks to be the work of criminal elements. It looks to be serious,' said Steve Vickers, chief executive of Steve Vickers Associates, a Hong Kong risk consultancy.
'It would appear that this is a classic but crude extortion case. But the attack does not have the hallmarks of world-class professionals,' said Vickers, a former policeman.
There was absolutely no foolproof protection against cyberattacks, he added. 'Overall, this should not be the cause of widespread public concern, although the extortion is worrying.'
The kind of cyberattack that hit exchange members in the past two weeks is called 'distributed denial of service'. It targets companies that handle many online transactions, and involves attackers preventing the companies' clients from connecting to their IT systems.
'It's like putting a rock in front of your store to keep customers away,' said Roy Ko Wai-tak, manager of the Hong Kong Computer Emergency Response Team Co-ordination Centre.
'The company has to pay blackmailers if they wish to resume trading. Financial institutions are the best target for these hackers because they rely heavily on online transactions and are more likely to pay a ransom since they face huge losses with every minute of a shutdown.'
The cyberattacks also affected web hosting companies and the IT systems of financial institutions, with reports of criminals attempting to blackmail their victims, a Hong Kong police spokesman said.
'Given the increase in such cases, the police held many discussions with industry players over the past year,' he said. 'With the co-operation of IT specialists, the police enabled e-commerce entities to increase their ability to counter cyberattacks.
'The police have been closely co-operating with enforcement agencies in the mainland and other countries to tackle such crimes.'
More financial institutions may face this kind of cyberattack, Ko warned. Such attacks had been carried out in Western countries in the past two years, but it was not until the middle of last year that Hong Kong police received the first report of 'distributed denial of service', Ko said.