Security News > 2011 > January > Hackers find new way to cheat on Wall Street -- to everyone's peril
http://www.infoworld.com/d/the-industry-standard/hackers-find-new-way-cheat-wall-street-everyones-peril-699 By Bill Snyder Tech's Bottom Line January 06, 2011 High-frequency trading networks, which complete stock market transactions in microseconds, are vulnerable to manipulation by hackers who can inject tiny amounts of latency into them. By doing so, they can subtly change the course of trading and pocket profits of millions of dollars in just a few seconds, says Rony Kay, a former IBM research fellow and founder of cPacket Networks, a Silicon Valley firm that develops chips and technologies for network monitoring and traffic analysis. Kay, an Israeli-born computer scientist and one-time Intel engineering manager, says the root of the problem is the increasing speed of networks; as they get faster and faster, our ability to actually understand events taking place within them isn't keeping up. Network monitoring technology can detect perturbations in network traffic happening in milliseconds, but when changes occur in microseconds, they're not visible, he says. cPacket has developed a proof of concept showing that these side-channel [4] attacks can be used to create tiny delays in the transmission of market data and trades. By manipulating specific trading activities by several microseconds, an attacker could gain unfair trading advantage. And because the operation occurs outside the range of monitoring technology, it would remain invisible. "We believe that such techniques pose a substantial risk of creating unfair trading, if used by the wrong people," Kay says. (A side-channel attacker looks at indirect information related to the computer -- the electromagnetic emanations from screens or keyboards, for example -- to determine what is going on in the machine. ) [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/