[Infowarrior] - Hacker Triggers Halt on Hong Kong Exchange

[Richard Forno]

Hacker Triggers Halt on Hong Kong Exchange

By Lynn Thomasson - Aug 10, 2011

http://www.bloomberg.com/news/print/2011-08-10/hong-kong-exchange-halts-some-trading-after-website-glitch-1-.html

Hong Kong Exchanges & Clearing Ltd., the world’s biggest bourse operator by market value, said it suspended trading for companies including HSBC Holdings Plc (HSBA) after its website was hacked.

Europe’s largest bank by market capitalization, Cathay Pacific Airways Ltd. (293) and five other stocks were halted after a “malicious attack” on the exchange’s website for corporate filings, Chief Executive Officer Charles Li said yesterday. The website was partially disabled as companies including Hong Kong Exchanges reported earnings.

The bourse joins companies from Sony Corp. to Citigroup Inc. and Nasdaq OMX Group Inc. that have been targeted by hackers. The attack came as Hong Kong stocks were rebounding after losing $323 billion in value since Aug. 1 amid a global rout spurred by concern that the U.S. economy is slowing and Europe won’t be able to contain its sovereign-debt crisis.

“This has affected the creditability and trustworthiness of information at a very critical time,” said Charles Mok, who heads the Hong Kong division of the Internet Society, an international standard-setting group. “The situation is very worrying because the hacking is targeted at the information disclosure mechanism.”

Suspensions

The exchange suspended trading of companies which published price-sensitive information, including on earnings and acquisitions, after 12 p.m. to ensure investors had equal access to statements, Li said. It set up an online bulletin board as an alternative, and will place advertisements in newspapers to tell investors where to find filings, Mark Dickens, the exchange’s head of listing, said.

“Our current assessment is that this is the result of malicious attack by outside hacking,” Li said at a press conference to announce a 14 percent increase in first-half earnings. The exchange is working to discover the objective of the attack, he said.

The Technology Crime Division of the Hong Kong Police’s Commercial Crime Bureau is investigating the matter, said Anita Chow, a spokeswoman for the force. The Securities and Futures Commission is also following up, spokesman Jonathan Li said.

In March, the U.S. National Security Agency was reported to have joined an investigation of an October 2010 attack on Nasdaq OMX. The second-largest U.S. equity exchange operator of trading market share, said in February that “suspicious files” discovered on a website prompted it to start an investigation with federal authorities into possible computer hacking.

‘Proper Measures’

Trading of HSBC, which makes up 15 percent of Hong Kong’s Hang Seng Index, and Hong Kong Exchanges, which has a 2.6 percent weighting, was suspended. Cathay Pacific, Dah Sing Banking Group Ltd. (2356), Dah Sing Financial Group, China Resources Microelectronics Ltd. and China Power International Development Ltd. (2380) were also suspended.

HSBC, Hong Kong Exchanges, Dah Sing Banking, Dah Sing Financial said in filings yesterday that they will resume trading today. The other suspended companies haven’t yet made statements. HSBC said it was halted because of its statement on the sale of its U.S. card and retail-services units.

The exchange “should have had the proper measures to make sure this is secure,” said Terrace Chum, Hong Kong-based managing director of greater China equities for Manulife Asset Management, which oversees $210 billion. “In other media channels, you can always find falsified news and rumors, but this is supposed to be more official.”

Increased Hacking

Companies in Hong Kong face an increase in computer intrusions as hackers target security flaws in some software, Roy Ko, centre manager at Hong Kong Computer Emergency Response Team Coordination Centre, said by phone today. The center, funded by the government, found 22 websites this year whose content was “defaced” by hackers, Ko said.

The suspensions didn’t disrupt the calculation of the Hang Seng Index (HSI), said Vincent Kwan, director and general manager at Hang Seng Indexes Co. in Hong Kong. The last trades before the halt were used to calculate the equity gauge, he said.

“Trust is something that takes years to build and accumulate, so one little incident is not enough to cause a lot of damage to the confidence in the exchange,” said Jonas Kan, a Hong Kong-based analyst at Daiwa Securities Capital Markets. “It’s not something you can lose overnight.”

Sony, Japan’s largest exporter of consumer electronics, estimated the attack that crippled its online services this year may cost the company 14 billion yen ($183 million). The International Monetary Fund said in June it was hacked.

493,000 Attacks

China was the target of 493,000 cyber attacks last year, according to a report by the National Computer Network Emergency Response Coordination Center of China, the state-run Xinhua News Agency said Aug. 9. About half the attacks originated from internet protocol addresses outside the nation, including from the U.S. and India, the report said.

“Anything that disrupts the flow of information is serious,” said Steve Vickers, chief executive of Steve Vickers Associates, a Hong Kong-based risk-consulting company. “Can you defend a website absolutely against attack? The answer is no.”

To contact the reporter on this story: Lynn Thomasson in Hong Kong at lthomasson at bloomberg.net

To contact the editors responsible for this story: Nick Gentle at ngentle2 at bloomberg.net; Hwee Ann Tan at hatan at bloomberg.net