How secure is your brokerage against cyber attacks? A close look

The unlawful obtaining of customer information or the unauthorized gaining of access to online accounts is a very important modern criminal activity that should absolutely not be taken lightly, especially in the FX industry which not only conducts its entire, global business via the internet, but also is responsible for financial transactions and the safekeeping […]

How secure is your brokerage against cyber attacks?

The unlawful obtaining of customer information or the unauthorized gaining of access to online accounts is a very important modern criminal activity that should absolutely not be taken lightly, especially in the FX industry which not only conducts its entire, global business via the internet, but also is responsible for financial transactions and the safekeeping of client monies.

Cybersecurity, the terminology given to the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide, is paramount and therefore access to the right information from all parties is a given…. or is it?

Research by McAfee Labs, the internet security and anti-virus research division of Intel Security, has this week concluded that only 42% of cybersecurity professionals use shared threat intelligence, despite 97% of those who do use it having stated that it helps them provide a better counter-threat service and with 59% having stated that shared data is “very valuable” to their organization.

The FX industry is so multi-faceted that the need for cybersecurity exists in many specific areas such as the electric payment processing sector, the safeguarding of client funds in online trading accounts and the actual access to trading accounts themselves in order that trades can be opened and closed.

Last year, Tim Thompson, CEO of British payment payment service provider and risk management technology company NOIRE explained to Andrew Saks-McLeod that FX brokerage accounts are usually accessible online needing only a username and password in order to gain access to sensitive data and exposure to fraudulent withdrawals.

“It can start in a number of ways” explained Mr. Thompson. “These methods include fraudsters phishing customers details, through emails pretending to be from the broker and telephone calls, Trojan malware programs often downloaded for trading platforms which look legitimate but could be obtaining customers’ login details and passwords. Fraudsters do this on an industrial scale and gain access to many customer accounts across many businesses.”

Mr. Thompson explained that in many cases, fraudsters have been able to successfully make withdrawals from trading accounts, their requests being so authentic that they have been passed by even the most diligent of compliance departments. The ability to access accounts by phishing and sending in Trojan horse malware programs in order to ’emulate’ the real customer would be avoided with the right anti-fraud security systems.

In October last year, a series of connectivity outages began affecting internet ccess for hosted customers of MetaTrader 4 integration bridge provider oneZero Financial Systems, one of which was Australia’s IC Markets.

At that particular time, IC Markets, which uses oneZero to host its MetaTrader 4 retail FX trading environment, stated that it was targeted by a DDOS attack, which is an acronym for ‘distributed denial of service’. In this particular case, the attack functioned by bombarding the server with a high volume of messages in order to either slow down the server, or to prevent it functioning at all.

Some three years ago, Jeff Wilkins, Managing Director of Michigan-based ThinkLiquidity, a well recognized industry expert with regard to electronic risk management, explained to Andrew Saks-McLeod during a meeting in Cyprus that within networks used in the FX industry, points of presence, which are dedicated connectivity solutions between venues, trading companies and hosts, had been gaining popularity, and that distributed points of presence connectivity allows protection against denial of service attacks, confirming that ThinkLiquidity at that time always advised that this type of infrastructure is put in place.

Three years on, the institutional sector has in some form adopted such systems, venue-neutral Canadian infrastructure provider TMX Atrium put in place points of presence between Paris, London, Frankfurt and Moscow during 2013, however this venue-based connectivity has not filtered its way into the OTC retail sector on a widespread scale, a likely reason being the cost of implementing dedicated infrastructure to many smaller retail firms being high, especially when margins are low once spread, IB commission, client acquisition and retention costs and operating expenses are taken into account.

Some of the more interesting findings of the survey by McAfee Labs is that when asked what posed a barrier to companies from sharing threat information, some 54% cited company policies, while 24% cited regulations within their industry, and 24% said lack of knowledge on how the information would be used.

Regulatory aspects are indeed an interesting perspective, as the regulatory authorities in some of the more well recognized jurisdictions for electronic trading such as Australia and North America have become very much involved in using high tech methods of conducting their oversight.

The National Futures Association (NFA) in America uses a system within which all firms must make daily reports which are stored on file. It would be interesting to understand how the NFA would regard the sharing of information between companies before uploading it to the NFA reporting system, or if the NFA could make certain information sharable to bona fide compliance departments as part of a security effort.

Australia’s ASIC uses a surveillance system which monitors the activities of all companies on a real-time basis, therefore would be able to easily detect any sharing of confidential information between companies, which it may frown upon due to inside information getting into the hands of competitors despite the usefulness in countering cyber attacks. The Australian authorities have a very strict stance on not only insider dealing, but the sharing of confidential information between companies could be construed as market abuse by ASIC.

The McAfee report concluded that cyberthreats are on the rise, with new ransomware up 26% in the last quarter of 2015 compared to the third quarter of the year.

“Our report highlights that cyber threat intelligence (CTI) must overcome the barriers of organisational policies, regulatory restrictions, liability risks, and a lack of implementation knowledge before its potential can be fully realised” said Raj Samani, Head of Technology for the EMEA region at Intel Security.

Read this next

Retail FX

Malaysia regulator exposes OctaFX clone, shady FB profiles

Malaysia’s financial regulator today warned online investors about the risks of following investment tips made on social-media platforms.

Digital Assets

Crypto trading volume spikes at Swiss bourse amid FTX collapse

The shockwaves from the historic collapse of Sam Bankman-Fried’s crypto empire are still being felt across the industry, but some trading venues are actually doing better because of it.

Executive Moves

CMC Markets adds Camilla Boldracchi to institutional sales

UK’s biggest spread better, CMC Markets has promoted Camilla Boldracchi to take on an expanded role within its institutional sales desk.

Institutional FX

FXSpotStream reports $1.48 trillion in monthly volume for November

FXSpotStream’s trading venue, the aggregator service of LiquidityMatch LLC, reported its operational metrics for November 2022, which moved higher on a yearly basis but reflected weak performance across executed trade volumes when weighed against the figures of the prior month.

Retail FX

Interactive Brokers’ client activity drops 30% YoY

Interactive Brokers LLC (NASDAQ:IBKR) saw 1.95 million daily average revenue trades, or DARTS, in November 2022 compared to 1.96 million transactions in the prior month.

Digital Assets

The rise of Crypto ETPs in traditional exchanges as crypto winter deepens

Institutional investors are increasingly looking at traditional regulated exchanges as their first route into digital assets amid market turmoil caused by the crypto winter and the collapse of several big names within the space, including FTX. Acuiti and Eurex surveyed 191 buy and sell-side firms on their views of the digital assets markets in order […]

Digital Assets

TP ICAP’s crypto arm receives FCA’s go-ahead

UK interdealer broker TP ICAP has received a regulatory go-ahead to launch its cryptocurrency services in the UK. The bid shows that the recent collapse of FTX exchange has done little to damp the interest of big names in running their own crypto business.

Industry News

Coin Signals founder to pay $2,847,743 after prison sentence over crypto Ponzi scam

The U. S. District Court for the Southern District of New York has ordered Jeremy Spence, founder of Coin Signals, to pay $2,847,743 in restitution to victims of a fraudulent virtual currency scheme.

Digital Assets

CME Group goes DeFi: Reference rates and real-time indices of Aave, Curve, Synthetix

“These rates are designed to provide traders, institutions and other users transparency and price discovery across a much broader range of tokens, allowing them to confidently and more accurately value cryptocurrency sector specific portfolios and manage price risk around various blockchain-based projects.”