• EN

    • -+ 0.00%
    -+ 0.00%
    -+ 0.00%

    Cyberattacks cause the jitters

    The Star·05/02/2025 23:00:00
    Listen to the news

    LAST week’s hacking of a few local stockbrokers is a matter not to be taken lightly.

    A thorough investigation ought to be conducted. Where were the weaknesses in the systems and what is being done to fix them?

    Was any party guilty of market manipulation via the cyberattack? For now, the damage seems to be contained because the authorities here will reverse or cancel the trades.

    This means that the hackers may not be able to profit from the illegal trades.

    However, it should be noted that it is not going to be easy to determine which trades were legal and which were not. Nevertheless, this could have been a mission by the hackers to test their capabilities.

    If so, it was a resounding success, as they managed to penetrate local systems and execute buy trades for some stocks.

    The incident inevitably draws attention to the brokers and their technology partners.

    In Malaysia, the two largest players are N2N Connect Bhd and Excel Force MSC Bhd.

    To ensure that trading accounts are less vulnerable to hacking, stockbrokers have since added more controls, such as requesting more authentication from users especially if they are trading away from their usual places, more so if they are abroad.

    An experienced stock broker says online trading accounts will soon have the same level of security as banks today.

    The recent breaches make all of this necessary.

    The Malaysian investors whose trading accounts were compromised by the hackers should consider themselves fortunate as the authorities have stepped in to cancel those transactions.

    Things are much worse in Japan.

    A recent Bloomberg article highlights that criminals have been hacking into online brokerage accounts there since February and using that to buy penny stocks around the world.

    The fraudulent trading there has reached more than US$700mil worth and the worst thing is that the victims are not sure that they will be compensated for their losses as brokerages are saying that they are looking into the matter on a case-by-case basis.

    The regulators there also do not seem to be of much help, leaving it to the brokers to deal with the matter.

    Incidentally, industry sources here say that in the recent hacking incident, the associated internet protocol addresses surprisingly came from Singapore and Hong Kong.

    Hackers typically operate from far-flung locations such as Russia, China or North Korea.

    The sources also say that aside from the warrants of Bina Puri Bhd, other stocks affected included Pos Malaysia Bhd and some Hong Kong structured warrants that are listed on Bursa Malaysia.

    With the ability to hack into Malaysian brokerage systems proven, the concern is whether the same hackers are planning a larger and more widespread attack that could take place more covertly?

    We all know that cyberattacks are one of the scariest things today. Some of our financial institutions have already been the victims of denial-of-service type attacks.

    In the past, such attacks also halted the trading of stocks on the local exchange. But this is probably the first time that the trading accounts have been hacked to execute illegal trades.

    The Netflix series Zero Day, aptly portrays how devastating a cyberattack can be, even crippling the United States, disrupting critical infrastructure like transportation, power grids and communications.

    A cyberattack is the first concern today when any country’s infrastructure fails.

    Just this week, the Spanish grid operator ruled out a cyberattack as the cause of the massive power cut that crippled Spain, Portugal and parts of France.

    This is why Malaysia’s National Cybersecurity Strategy must be executed effectively to minimise the risks posed by cyberattacks.