A Wall Street Crash through a cyberattack … could it ever happen?

I see more and more these days about cybercrime.

The latest thing was a survey that landed in my inbox from PwC, which finds that cybercrime is the second most common economic crime affecting companies in the financial services sector after traditional fraud.  Key findings include:

In financial services, cybercrime accounts for 38% of all economic crime incidents, compared to 16% for other industries.

In particular, mobile finance is making it worse with apps to access banking services and mobile phones to make payments likely to increase, rather than decrease the risks.

Almost half (45%) of  financial services companies suffered a fraud in the last year, a much higher figure than the 30% reported by other industries.

Asked what aspects of cybercrime they were most concerned about, more than half said their greatest concern was around reputational damage.

Download the PwC Research: Economic crime in financial services

None of this particularly surprises me, especially when you add things like the Economist article in January about The War on Terabytes:

America’s defence secretary, has suggested that a cyberattack on financial markets, the power grid and government systems could be “the next Pearl Harbour”. In a move that received surprisingly little attention, Barack Obama signed an unprecedented executive order in July declaring the infiltration of financial and commercial markets by transnational criminal groups to be a national emergency.

So what would be the nightmare scenario?

We’ve already seen some of it.

The scenario of a government planting a malware into the financial grid with a specific target, such as the wipe-out of the US financial markets for specific counterparties.

So here’s a cheery little piece to set the scene for a racy new thriller.

The opening page.

Here goes.

Shaiming Zheng had finally finished his masterpiece.  He had created a worm that would infiltrate the heart of the American dream: Wall Street.

Like the Israeli Stuxnet attack on the Iranian nuclear facilities in 2010, Shaiming had been hired to achieve the same result on the New York Stock Exchange (NYSE).

NYSE claim that their servers are bullet proof, and can survive attacks that are even more viral and malevolent than those that would target the US defence systems.

But they were wrong and Shaiming had the means to prove it.

His program would not only find its way into the NYSE system through the back door, via what would appear to be an official trade by Goldman Sachs on their high frequency trading platform, but it would worm its way into the DTCC clearing system.

Once in the clearing system, it would bring down America.

Shaiming was using a shadow trade to allow his worm to work its evil magic.

First, the system would create a request for quote via Goldman Sachs.

Once the order was filled by a reciprocal trade fill on the NYSE exchange, the shadow trade would be passed through for clearing via the DTCC.

At this point, the shadow would unleash the worm, which would then begin to infiltrate every settlement of trades on the DTCC systems thereafter.

It is something that was unthinkable as, until discovered, it would mean that all trading in the American stock exchange systems – not just NYSE, but NASDAQ and more – would be disrupted and potentially forever flawed as the DTCC carry all the payments and settlement for all trading in American stocks and derivatives.

It would bring down the system.

That was the intention and that was what Shaiming believed he had built.

And it had been so easy to achieve as he was not attacking the DTCC or the NYSE system, but Goldman Sachs and, thanks to the powers that be, it had been easy when he found his ally, Serby Alyenko.

Serby had been convicted of stealing proprietary information from Goldman Sachs about their trading platform in 2010.

This conviction had been overturned in 2012 but, what the court didn’t know, is that Shaiming and his paymasters had paid Serby $10 million to get the information they needed.

Serby had not been stealing trade secrets about Goldmans trading platforms at all.

What he had really been doing was to create the gateway on the platform for Shaiming to plant his worm on their system.

Thank you Sergey.

Shaiming  pressed the button and held his breath.

The worm was on its way.

Would it reach its target?