|Main Archive Page > Month Archives > infosec-news archives|
By Bill Snyder
Tech's Bottom Line
January 06, 2011
High-frequency trading networks, which complete stock market
transactions in microseconds, are vulnerable to manipulation by hackers
who can inject tiny amounts of latency into them. By doing so, they can
subtly change the course of trading and pocket profits of millions of
dollars in just a few seconds, says Rony Kay, a former IBM research
fellow and founder of cPacket Networks, a Silicon Valley firm that
develops chips and technologies for network monitoring and traffic
Kay, an Israeli-born computer scientist and one-time Intel engineering
manager, says the root of the problem is the increasing speed of
networks; as they get faster and faster, our ability to actually
understand events taking place within them isn't keeping up. Network
monitoring technology can detect perturbations in network traffic
happening in milliseconds, but when changes occur in microseconds,
they're not visible, he says.
cPacket has developed a proof of concept showing that these side-channel
 attacks can be used to create tiny delays in the transmission of
market data and trades. By manipulating specific trading activities by
several microseconds, an attacker could gain unfair trading advantage.
And because the operation occurs outside the range of monitoring
technology, it would remain invisible. "We believe that such techniques
pose a substantial risk of creating unfair trading, if used by the wrong
people," Kay says.
(A side-channel attacker looks at indirect information related to the
computer -- the electromagnetic emanations from screens or keyboards,
for example -- to determine what is going on in the machine. )
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.