Japan’s Hirose FX confirms DDoS attack against platform, website

There has been one more announcement about a cyber attack against an online trading company, reiterating the importance of cyber security for the industry. Japanese retail FX broker Hirose Tusyo Inc (TYO:7185), or Hirose FX, has confirmed that it was subjected to a DDoS attack on Monday, September 18, 2017.

The services affected included the corporate website, as well as Hirose FX’s trading tools, such as the LION FX platform. Logging into the platform and accessing the website was hampered for more than an hour on Monday morning. The services were restored at 11:28.

Other online trading companies have been targets of DDoS attacks too. On June 29, 2017, Japanese retail Forex broker Kabu.com Securities, a subsidiary of Mitsubishi UFJ Financial Group Inc (TYO:8306), said it had fallen victim to a DDoS attack. The cyber attack also happened in the morning. The cyber attack targeted the website of the company, which was unavailable for about 36 minutes.

Also in June, Canadian brokerage Questrade said it was a victim of a DDoS attack, which affected the normal work of its platforms. The company noted that this was not a ‘hack’ and no personal information had been compromised. Early this month, Questrade sought to bolster the security of its customer accounts by introducing a Last login feature. Thanks to this addition, whenever traders log in to their Questrade accounts, they can check information about the last login to their account, such as date, time, and device/browser.

Other companies, such as Saxo Bank, have also aimed at beefing up their safeguards against cyber attacks. In July this year, Saxo said it was making adjustments on how the SaxoTraderGO platform is exposed to the external world. With regard to that, Saxo said it was moving from a reactive to a proactive protection setup, meaning that its service would be presented at a new IP address.

Cyber problems are a costly matter (in financial and reputation terms), as proven by the issues at GMO Payment Gateway Inc (TYO:3769). It took about two months for the websites of two of the clients of GMO Payment Gateway to recover and resume work, following a security breach and a data leak. Preliminary estimates have indicated that the number of “units of information” leaked through the Tokyo Metropolitan Government website was 676,290, including 614,629 email addresses, 61,661 credit card numbers and credit card expiration dates. The number of “units” of credit card information reportedly leaked from the Japan Housing Finance Agency was 43,540, including credit card numbers, credit card expiration dates, security codes, credit card payment registration dates, addresses, email addresses, names, phone numbers, as well as dates of birth and payment joining dates. The numbers have been revised later to avoid doubling of information.