CyberWolf: assessing vulnerabilities of ICT-intensive financial markets

The volume of transactions in financial markets is impressive: e.g., every four days an amount similar to the USA GDP flows through the Forex (foreign exchange, which is only one of the several financial markets). Currently, financial markets are ICT-driven, i.e., about 60% of transactions are automatically launched by computers and the annual impact of such transaction is greater than 30 times the world GDP. The growing complexity of financial instruments has led to an increase in the underlying technology, and consequently it opened the door to vulnerabilities in the security and control systems. In this paper we illustrate CyberWolf, a novel attack that exploits a vulnerability of the financial market control system. The aim of the attack is creating the possibility of carrying out transactions of financial products at prices which differ significantly from their real value. In particular, CyberWolf exploits the delay of actions of market makers, who are the entities responsible for regulating the price of the financial instruments exchanged. Interestingly, the attack can be performed against big financial markets and by using a cheap setting; we show the feasibility of our attack against the Italian Stock Exchange (FTSE-MIB) by using only a laptop and a DSL internet connection. We consider the Italian Stock Exchange as a stress-test example for this kind of attack, because it is a liquid financial market (with just a few illiquid instruments) and has an effective regulator. Performing this attack on smaller and / or poorly regulated markets could lead to pathological situations that are not representative of a general case. The purpose of this paper is to highlight the possibility of fraudulent transactions, created by traders who by-pass the control of market regulator.

[1]  Mao Lin Huang,et al.  A Visualization Approach for Frauds Detection in Financial Market , 2009, 2009 13th International Conference Information Visualisation.

[2]  Xi Chen,et al.  Assessing the severity of phishing attacks: A hybrid data mining approach , 2011, Decis. Support Syst..

[3]  Brian F. Mannix Races, Rushes, and Runs: Taming the Turbulence in Financial Trading , 2013 .

[4]  Andrew B. Whinston,et al.  The Internet and the future of financial markets , 2000, CACM.

[5]  K.V. Nesbitt,et al.  Finding trading patterns in stock market data , 2004, IEEE Computer Graphics and Applications.

[6]  Chester Spatt,et al.  Security Market Manipulation , 2014 .

[7]  Song Tan,et al.  Online Data Integrity Attacks Against Real-Time Electrical Market in Smart Grid , 2018, IEEE Transactions on Smart Grid.

[8]  Yechiam Yemini,et al.  MarketNet: protecting access to information systems through financial market controls , 2000, Decis. Support Syst..

[9]  Bruno Sinopoli,et al.  False Data Injection Attacks in Electricity Markets , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[10]  A. Hovav,et al.  The Impact of Denial‐of‐Service Attack Announcements on the Market Value of Firms , 2003 .

[11]  Paul R. Carpenter,et al.  A Framework for the Analysis of Market Manipulation , 2012 .

[12]  Daniel A. Keim,et al.  Task-at-hand interface for change detection in stock market data , 2006, AVI '06.

[13]  Vasilios Mavroudis Market Manipulation as a Security Problem: Attacks and Defenses , 2019, EuroSec@EuroSys.