US authorities have arrested nine suspected insider traders who relied on hackers to steal commercially sensitive corporate information from newswire services.
The suspects are expected to be charged on 11 August 2015 in Brooklyn, New York and New Jersey in connection with insider trading based on stolen corporate press releases before they had been made public, reports Bloomberg News.
The hackers – believed to be based in Ukraine and possibly Russia – broke into the computer systems of PRNewswire Association, Marketwired and Business Wire.
Information stolen by the hackers is believed to have been used by their associates in the US to buy and sell shares of dozens of companies, including Boeing, Hewlett-Packard and Oracle, to make more than $30m in profit.
The case reportedly marks the first time prosecutors have alleged that a securities fraud scheme was based on hacked inside information and it is also the largest known suspected case of hacking that resulted in insider trading.
Analysts said the case exposes the vulnerabilities of financial markets in the digital age and demonstrates how advance information can be acquired without using any insider contacts.
The arrest of the nine suspects is being hailed as a significant for the FBI in the US and is the result of a two-year investigation of a suspicious trading pattern in the past five years identified by the US Securities and Exchange Commission (SEC).
Federal charges including conspiracy to commit securities fraud and hacking are expected to be filed against the nine men in Brooklyn and New Jersey, while the SEC is pursuing a parallel civil case against some of the suspects.
The SEC has brought only a handful of civil cases against hackers to date, according to Reuters.
In 2007, the SEC filed a civil case against a Ukrainian trader named Oleksandr Dorozhko, accusing him of hacking into IMS Health and stealing information on earnings that he used to make profitable options trades. In 2010, a federal court ordered Dorozhko to pay $580,000.
In September 2013, Scott Borg, chief of the US Cyber Consequences Unit, predicted that manipulation of international financial markets will be the next evolution of cyber crime.
“There is no limit to the money that can be made by manipulating financial markets,” he said, speaking at an international policy roundtable on cyber security at a joint session of the ASIS International and (ISC)2 annual congresses in Chicago.
By taking a position in the market and then conducting a cyber attack to discredit a company, criminals can make an almost infinite amount of money, said Borg.
“Even if the beneficiaries are identified, they can always say they took the position based on a rumour in the market,” he said.
Borg, who predicted in 2002 the shift from mass disruption cyber attacks to professional, organised cyber crime, said the next shift to financial markets will transform the field of cyber security.