Insider traders have long shelled out millions in bribes, manipulated friendships and even traded sex for market tips. Now, they’ve found a new way to get the data they need: employing computer hackers.
“With the ubiquity of hackers now, you can find people online who’ll do what you want for a pizza,” said Slade Griffin, founder of Knoxville, Tennessee-based Cyphoss Security LLC. “You combine the financial brilliance of someone that’s criminally minded with the ease of access to hackers and hacking tools, why wouldn’t you do it?”
Two federal indictments unsealed Tuesday alleging a conspiracy between traders and hackers confirm a long-held fear in industries from banking to electricity that data stolen from servers will be used to manipulate markets or trade on non-public information.
Specialists say there’s evidence of growing collusion between digital thieves and market profiteers that goes far beyond what the handful of prosecutions so far suggests.
A similar scam was identified by cybersecurity firm FireEye Inc. last year, one that profited from the volatility of health-care company stocks.
Enforcement agencies only began intensively investigating the scam several months after the company had detailed in a public report how hackers had siphoned off sensitive e-mails of corporate officers and their advisers, according to a person familiar with the probe.
There have been no arrests in the FireEye case.
The ease of stealing insider details from a potentially endless supply of hacking targets presents an enormous challenge to the ideal of a level playing field for the market.
That may be one reason why Securities and Exchange Commission officials said the current case, in which hackers stole press releases packed with financial data from public relations companies that distribute them, shows they’re up to the task.
That’s far from clear, according to former officials, who note how hard it has been for everyone from Hollywood stars to the Department of Defense to protect even their most intimate secrets from hackers.
The use of hacking by insider traders opens up opportunities for fraudsters who don’t have a deep network of Wall Street relationships from which to skim information.
Such networks were central to the U.S. government’s 2011 prosecution of Galleon Group hedge-fund founder Raj Rajaratnam and several co-defendants, in what was billed as a landmark case for its aggressive use of wiretaps and witness-flipping.
The use of hacking may ultimately cause a reevaluation of how much of a lasting effect there will be from the Galleon case, which cost millions of dollars to prosecute and was a top priority for Preet Bharara, the Manhattan U.S. attorney.
Rather than significantly deterring insider trading, that case may simply have accelerated the move to cyberspace, where the personal relationships that tripped up defendants in the physical world no longer exist, specialists say.
“We knew this was coming,” said Edward Stroz, a former FBI agent who’s now executive chairman of Stroz Friedberg, which advises firms on hacking schemes. “In the classic examples, the currency of insider trading was a personal relationship. All of a sudden you have this possibility that never existed before where proxy insiders can get information from an ocean away.”
One thing that was clear from the Galleon prosecution was that maintaining a pipeline of valuable insider information was expensive and complex.
Some of the tipsters were paid more than $1 million for tradeable information. Others appeared to offer it freely because of friendships groomed over years.
One defendant, Danielle Chiesi, pleaded guilty to conspiracy before the trial and went to prison in October 2011. In her guilty plea, she admitted she solicited inside tips from technology industry executives. Among them was Robert Moffat, a former executive with International Business Machines Corp. with whom she had an intimate relationship, he said in his guilty plea. Moffat got a six-month sentence.
Compare that with operations of the hackers uncovered last year by FireEye, a group the company dubbed Fin4. Although clearly sophisticated, their operation required less time and money for a potentially richer archive of knowledge.
Along with the theft of corporate e-mails, they hacked law firms and public relations companies that would be part of the information chain for important announcements like mergers or the results of drug studies, according to FireEye.
In one example dealing with a potential acquisition -- an event that can create huge swings in a company’s stock price -- the hackers simultaneously targeted five different organizations involved in the talks, accessing details months before they became public, according to a report released by FireEye in December.
The indictments that were unsealed on Tuesday, as well as a lengthy SEC complaint, allege another profitable scam. For as long as five years, hackers based in Ukraine lifted press releases from the computers of PR Newswire Association LLC and two competitors, then uploaded them into a system that could be accessed by traders in the U.S., Cyprus, Russia and France.
The hackers worked on tight deadlines, sometimes as little as a half-hour. In the case of one announcement that showed Caterpillar Inc.’s profit rose 36 percent, the traders allegedly bought more than $8.3 million of the company’s shares and options, anticipating a pop in price the following day on the news. The bet worked, netting the defendants about $1 million, according to prosecutors.
PR Newswire and the two competitors said they’re cooperating with authorities.
The scheme connected an odd association of individuals that bears little resemblance to the financial high-flyers who conspired with Rajaratnam.
They include Arkadiy and Igor Dubovoy, a father and son team living in the U.S. state of Georgia, and another relative, Pavel Dubovoy, believed to live in Ukraine. None have obvious expertise in global financial markets.
It was unclear whether Arkadiy and Igor Dubovoy retained lawyers. Attorneys for other defendants didn’t return phone calls.
The SEC traced a series of suspicious trades to the alleged conspirators, which may have been the result of running the scheme over a number of years, according to a person familiar with the case.
John Reed Stark, the SEC’s former head of Internet enforcement, said that’s one of the risks of this kind of activity. While hacking is often hard to detect, consistently trading on insider information leaves a different kind of trail that the agency has gotten good at spotting.
While that may help the SEC deal with this new mode of insider trading, there’s plenty of headwind, including statutes and case law that don’t contemplate hacking as an efficient means to gather vast quantities of illicit market intelligence, Stark said.
He pointed to a recent federal court decision that held hackers must use deceptive methods of entering a computer network for the SEC to have jurisdiction. That would entail methods like sending malware-loaded e-mails but might not include exploiting an existing security flaw in a company’s computer system.
Read this next:
- Key Insider Trading Ring Suspect Freed on Bond as U.S. Appeals
- Cyber-Insider: Mystery Money Manager Charged in Hacking Case
- QuickTake: Insider Trading
“To the average person, hacking into a computer in order to get information to trade on would be illegal,” Stark said. “But depending on how it’s done, it might be theft but not necessarily securities fraud.”