NordVPN Promotion

Home / Blogs

No Cyberattack on Wall Street

In case you missed it, last Thursday, May 6, we saw a remarkable day on the stock markets. The day started off with some selling which went down neat and orderly. Suddenly, around 2:40 pm eastern time, the market started selling off rapidly taking huge hits in in the span of 30 minutes. It was an incredible ride and at one point, the Dow Jones average was off 1000 points for the day, the largest drop in history (though not the largest percentage drop). It was kind of like October of 1987. A number of stocks plummeted to less than a dollar per share. Yet within a few minutes, the market recovered and what was a 7-8% decline was a mere 3% decline. Not bad if you’re a day trader.

Of course, the question now is how did this happen? Why did this happen? Nobody really knows for sure. Some speculate that it was a typo and that some trader wanted to sell a million shares but accidentally entered in a sell order for a billion. Some speculate that the orderly decline hit a level and then a bunch of computerized trading algorithms all executed at the same time hitting a bunch of sell orders, and then at such low prices a bunch of buy orders kicked in (maybe a bug and everyone uses the same algorithms?). Some speculate that maybe it was a message from Wall Street to Congress that Wall Street still has some cards in their hand that they can play and to not get too ambitious with financial regulation. Or maybe it was a cyber attack from an outside source that kicked it all off?

The Associated Press ran an article last Sunday with homeland security and a counter terrorism advisor saying that there was no evidence of a cyber attack behind the huge drop:

WASHINGTON (AP)—The White House’s homeland security and counterterrorism adviser says there is no evidence that a cyber attack was behind the chaos that shook Wall Street last Thursday.

John Brennan told “Fox News Sunday” that officials have uncovered no links suggesting that cyber attacks caused turbulence that sent the Dow Jones industrials plunging almost 1,000 points before staging a partial recovery at the end of the day.

If this was a cyber attack, it would be quite a serious cyber attack. A hostile intruder would need to break in and either do one or a combination of the following:

  1. Flood the market with massive amounts of sell orders and drive stocks down.
  2. Short sell the stocks in order to drive them down, but this depends on the intruder being able to borrow stock in order to short it. Naked shorting is a possibility but I don’t know if you could get away with that and not leave a big paper trail.
  3. Exploit a bug in the exchange’s (Nasdaq or NYSE) trading software that made it look like there was huge trading going on but in reality it wasn’t. The goal in this case isn’t necessarily to cause a loss in shareholder wealth but to create mass panic and confusion. If this was the case, then creating such mass panic and confusion could be a diversion for a physical attack elsewhere.

The last one is probably the more fanciful because it would require a major bit of co-ordination amongst multiple groups and would require a lot of pre-operational planning. But one would think that someone doing this type of reconnaissance work would have a large financial backing. That financier, presumably, would have a lot of their own wealth tied up in the US stock markets (and global markets, too). So, launching a cyber attack to take down Wall Street and affect the American markets would have the unpleasant side effect of knocking down your own wealth, too. You’d be cutting your nose to spite your face.

But like I say, the more likely explanation, in my opinion, is that a bunch of large blocks of traders had algorithms that all executed sell orders simultaneously based off an already skittish market (Greek debt). If there were bugs in that software that an intruder exploited, that would cause a lot of firms to re-examine their security policies, or perhaps perform an audit.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Terry Zink, Program Manager

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Brand Protection

Sponsored byCSC

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

NordVPN Promotion