A Sydney Morning Herald article reports that the Australian Securities & Investment Commission (ASIC) has issued a warning to online stockbrokers and their clients that they need to "urgently review their account security."
According to the Morning Herald, ASIC's warning comes after a new round of attacks against online stockbroker firms were detected in the wake of the denial-of-service (DOS) attacks in December that E*Trade Australia and Manly-based Wealth Focus experienced. The December attacks forced E*Trade to shut down some clients' access to its website for as long as two weeks around Christmas. In Wealth Focus's case, the DOS attack was a for-profit venture. The firm received a letter demanding money to stop the attack, which was traced to Russia.
The attacks against E*Trade and Wealth Focus prompted the Australian Computer Emergency Response Team (CERT Australia) to request in early January that companies report any cyber attacks they were experiencing. The cybercrimes also sparked an Australian Federal Police (AFP) inquiry.
However, the Morning Herald reports that "ASIC has detected about a dozen hacked share-trading accounts across several brokers" over the past few weeks. ASIC, in its news release, states that it "is also working with other authorities to identify the source of the intrusions and pursuing a line of inquiry consistent with similar incidents in overseas markets."
I haven't seen any major press reports about a recent surge in DOS attacks against online stockbrokers in other countries, which leaves me wondering whether there is a rash of attacks occurring but aren't yet being reported.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.