If a TBTF Bank Lost Its Quant Code to Chinese Hackers and No One Knew, Would We Still Have a Functioning Market?

Bloomberg has an excellent catch from the HB Gary emails, revealing that Morgan Stanley was one of the 20-200 companies targeted by the Chinese-based Aurora hack in 2009.

Morgan Stanley experienced a “very sensitive” break-in to its network by the same China-based hackers who attacked Google Inc.’s computers more than a year ago, according to e-mails stolen from a cyber-security company working for the bank.

The e-mails from the Sacramento, California-based computer security firm HBGary Inc., which identify the first financial institution targeted in the series of attacks, said the bank considered details of the intrusion a closely guarded secret.

“They were hit hard by the real Aurora attacks (not the crap in the news),” wrote Phil Wallisch, a senior security engineer at HBGary, who said he read an internal Morgan Stanley report detailing the so-called Operation Aurora attacks.

As McAfee made clear when it first announced the hack, the hackers were after the targets’ intellectual property (though note the understanding of the timing of the hack has changed).

Similar to the ATM heist of 2009, Operation Aurora looks to be a coordinated attack on many high profile companies targeting their intellectual property. Like an army of mules withdrawing funds from an ATM, this malware enabled the attackers to quietly suck the crown jewels out of many companies while people were off enjoying their December holidays.

Now, Bloomberg–with backing from an FBI officer and a reminder that Morgan Stanley is the world’s larger mergers and acquisitions adviser–seems to be most concerned about what the hackers learned about impending M&A.

FBI Deputy Assistant Director Steven Chabinsky said that hackers have increasingly targeted information related to mergers and acquisitions, data that can give companies involved an advantage in negotiations.

But the description of the targeted information as IP immediately made me think about quant code, the algorithms that banks use to conduct high frequency trading. When Sergey Aleynikov attempted to sell Goldman Sachs’ high frequency trading code, the Goldman and the government treated it like a capital offense. For good reason, because if another firm got that code, it would be able to game out Goldman’s moves. So how do we know that these hackers didn’t steal MS’ quant code?

In any case, the hack seems to raise real questions about disclosure. Should Morgan Stanley have had to reveal this to its stockholders and potential M&A clients (remember that MS led GM’s IPO last year, though hopefully long enough after this hack for the merger not to be exposed by it). Should MS have had to reveal this–with the potential implications for markets–to Congress? Did it?

I just can’t help but think that the Aurora hackers may well have gotten the same kind of information that Congressional oversight committees have requested from the Fed, but were refused.

Tweet about this on Twitter0Share on Reddit0Share on Facebook0Google+0Email to someone

0 Responses to If a TBTF Bank Lost Its Quant Code to Chinese Hackers and No One Knew, Would We Still Have a Functioning Market?

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34

Emptywheel Twitterverse
bmaz RT @JasonLeopold: Execution in Arizona Is Approved by Justices. Scheduled for Wednesday. http://t.co/VmgjiE1MWm
48mreplyretweetfavorite
bmaz @cocktailhag Sounds like a fair addition to me.
1hreplyretweetfavorite
bmaz Also in the totally awesome to meet at #NN2014 department: @StephanieKelton @NadiaKayyali and @alexisgoldstein
3hreplyretweetfavorite
JimWhiteGNV RT @RaysBaseball: That moment when a pitcher who hasn't batted since high school executes a perfect safety squeeze. @JakeOdorizzi http://t.…
4hreplyretweetfavorite
bmaz Despite their limited stay no two more fun+incredibly awesome people I finally personally met at #NN2014 than @astepanovich + @McElweeWhite
4hreplyretweetfavorite
JimWhiteGNV RT @TBTimes_Rays: You can only hope to contain #Rays C Jose Molina, who swiped his 3rd bag of the season at the back end of a double steal.…
4hreplyretweetfavorite
JimWhiteGNV RT @ArifCRafiq: Please also visit Gaza. MT @MikeBloomberg This evening I will be flying on El Al to Tel Aviv to demonstrate that it is safe…
4hreplyretweetfavorite
bmaz @WilliamOckhamTx Pretty much that whole area of the world appears to be GohmertLand.
4hreplyretweetfavorite
bmaz The only way in the world @John_Dingell could earn more love is to say he doesn't know similarly worthless chumps Kanye West, JayZ+Beyonce.
4hreplyretweetfavorite
bmaz I have never been prouder of @John_Dingell in my life than him not knowing squat about the worthless Kardashian idiot clan.
4hreplyretweetfavorite
JimWhiteGNV RT @onekade: The rockets are extremely dangerous and horrible but also Israel is open for business as usual, nothing to fear! Ok
4hreplyretweetfavorite
bmaz It appears the Ukranian government has the combined credibility of Peter King and Steve Stockman. #GoodEnoughForJoshEarnestAndCNN
5hreplyretweetfavorite
March 2011
S M T W T F S
« Feb   Apr »
 12345
6789101112
13141516171819
20212223242526
2728293031