• Wed
  • Jul 23, 2014
  • Updated: 11:47am
NewsHong Kong
COURTS

Cyberattack on stock exchange website denied

Trial starts of businessman accused of launching raids, forcing shutdown of HKEx site last year

PUBLISHED : Tuesday, 25 September, 2012, 12:00am
UPDATED : Tuesday, 25 September, 2012, 4:23am

A businessman accused of unleashing a cyberattack on the stock exchange website and showing how to launch such a raid has gone on trial.

Tse Man-lai 28, pleaded not guilty in the District Court yesterday to two counts of obtaining access to a computer with criminal or dishonest intent.

Tse allegedly carried out the attacks on August 12 and 13 last year from a computer at his home in Kingswood Villas, Tin Shui Wai. He is also accused of setting up a blog that demonstrated an attack on the HKExnews.hk site.

The attacks prevented people from accessing the price-sensitive information of listed companies. The bourse shut down the website and suspended trading in seven firms, including HSBC, with a combined value of HK$1.5 trillion, on August 10.

Prosecutor Olivia Tsang Oi-kei said Tse committed the offences for personal gain and to get business for a company he set up in 2008.

Tsang said HKExnews came under two "denial-of-service", or DoS, attacks. They are designed to interrupt or suspend an internet service to its users. When such attacks target one or more domain name system - critical components of the internet infrastructure - they are called DDoS attacks.

Tsang said a large number of "attacking packets" had been sent from two internet protocol addresses under the name of Tse's mother, which were assigned to the Tin Shui Wai address. Investigators seized a computer from the flat, which they later confirmed was the device from which the attacks were launched.

Someone using the computer had created a blog entry titled "Ernest Networking teaching" with a demonstration of an attack against HKExnews, Tsang said.

The author of the blog asked people to subscribe to a method to prevent DDoS attacks which the author had invented. A website address for web-hosting services provider Pacswitch Globe Telecom, which Tse formed in 2008, was provided.

The examination also revealed that a Yahoo user with the handle Ernest had posted two messages related to the attacks on Yahoo.

Tsang said that as a result of the attacks, 48 per cent and 54 per cent of network resources on the HKExnews web server were "wasted", on the two days respectively, without elaborating on what that meant.

"The prosecution's case is that the defendant was the person who used the computer to launch the two attacks on HKExnews, and subsequently to post or create the messages on the blog and the Yahoo webpage, all done with a view to dishonest gain for himself by promoting the business of his company, namely Pacswitch," Tsang said.

The trial continues before Deputy District Judge Kim Longley.

Share

For unlimited access to:

SCMP.com SCMP Tablet Edition SCMP Mobile Edition 10-year news archive
 
 

 

This article is now closed to comments

David
Interesting article, thanks.
Regarding: "...When such attacks target one or more domain name system - critical components of the internet infrastructure - they are called DDoS attacks."
Additionally, a DDoS ( Distributed Denial of Service ) attack, is characterised by the "Distributed" nature of the attacking computers. A DDoS attack needn't target only the root DNS network but may also attack specific websites.
In this particular case it is a simple DoS attack, from 1 or 2 computers, .
Protection against DoS and DDoS attacks is an important consideration in network and server architecture today.
 
 
 
 
 

Login

SCMP.com Account

or