In The Top Ten Cybersecurity Threats for 2008 I mentioned one of most critical cybersecurity threats of 2008 will be the manipulation and subversion of financial markets.
Well, folks in New York have barely finished cleaning the colorful New Years confetti off Wall Street and a vivid example of manipulating the market appears in the news. We have yet to see the second week of January and the cyberattacks are upon us.
Notice how a direct competitor to E*Trade Bank, Citigroup, used the power of cyberspace, rumors and (mis)information to manipulate the market price of E*Trade (ETFC). This might have not been such an eyebrow raising event if the rumor (cyberattack) was by a disinterested third party. The attack was by a direct competitor with their own subprime balance sheet problems!
On or about November 12, 2006, Citigroup Investment Research analyst Prashant Bhatia, a longtime critic of E*Trade (ETFC), sent E*Trade stocks into a free fall with his cyberattack, “[E*Trade] Bankruptcy risk cannot be ruled out.” This rumor, by a competing financial institution, basically wiped out countless millions of dollars in investor equity in a few short minutes. Amazing!
Of course, E*Trade is not going bankrupt any more than Citigroup is going bankrupt, but the information warfare by Citigroup’s Prashant Bhatia continues. Here is the lastest:
On January 7th, 2008, Bhatia changes his cyberattack slightly and reiterates his “prediction” that E*Trade will not be profitable for at least three years. This statement was quite different than his earlier attack where he “predicted” bankruptcy for a competing E*Trade.
Is Prashant Bhatia or Citigroup accountable for these “predictions”? When investors are wiped out in seconds based on a cyberattack by a competing financial institution, who is responsible for these actions and investor losses? Or, are these attacks simply “capitalism” and “the free market” where cyberattacks are commonplace and investors are no more than pawns in the market battlesphere?
Some on the net have said that Prashant Bhatia’s actions are not much different than the owner of a competing movie theater, who stands up and yells, FIRE!! FIRE!! FIRE!! Then, after he clears the theater, he then yells, RATS!! COCKROACHES!! POISON POPCORN!! to insure no one comes back to the movie house.
To me, this is an amazingly obvious cyberattack with a direct purpose to manipulate the market and cause damage to a competing financial services institution.
How can this attack be allowed to happen?
I think anyone can easily see how this is a very serious cybersecurity threat in 2008 and beyond. Unfortunately, these types of attacks will certainly get worse before it gets better. Welcome to “the real world”…. In this vividly real example, an analyst from a competing bank yells FIRE! and basically subverts the market, causing countless of investors to lose many millions upon millions of dollars in the blink of an eye. Wow.
RISK is the intersection of THREAT, VULNERABILITY and CRITICALITY.
E*Trade was vulnerable (as were other banks) due to subprime issues. E*Trade Financial is a critical competitor (and threat) to Citibank. This is a textbook cyberattack in today’s world.
Dr. David Luckham, discussing financial news and complex event processing (CEP) recently asked, How well does Elementizing work? and reminds us” News Moves Markets.” He is certainly correct, obviously.
The cybersecurity issue that I am highlighing here is how easy it is for news to be manipulated and, in turn, subvert markets, as easily observable with Citigroup’s Prashant Bhatia and his commercial cyberattacks against E*Trade Financial and, most importantly, their investors.