Just over half of the world's securities markets have fought off intrusions by cyber-attackers over the past year, according to figures released by the International Organisation of Securities Exchanges (Iosco) and the World Federation of Exchanges (WFE).
While cyber-crime in securities markets has not had systemic impacts so far, it is rapidly evolving in terms of actors, motives, complexity and frequency, warn Iosco and the WFE in a joint working paper.
As the number of high-profile and critical hits increases, the report warns that underestimation of the severity of the risk may lay open securities markets to a black swan event.
To assess the extent of the threat posed to the world's securities markets, Iosco and the WFE surveyed stock exchanges worldwide.
The poll revealed that a significant number of exchanges are already under attack with 53% repelling intruders in the last year. Hacks tend to be disruptive in nature, either via Denial of Service or viral-related, rather than motivated by financial gain.
Some 93% of respondents have disaster recovery protocols or measures in place to deal with the fall out of a cyber attack. Moreover, all organisations claim that they are able to identify an assault within 48 hours of it occurring.
Nonetheless, a vast majority (89%) of stock exchanges agree that cyber-crime in securities markets should be considered a systemic risk, implying that a broader, system-wide response may be needed.
Respondent to the survey suggested a role for Iosco and the WFE in providing guidance and principles, internal measures and promotion of international security standards/frameworks. There were also calls for a cross-jurisdictional and cross-sector information sharing repository and dedicated monitoring and training centres.
Read the full paper:Download the document now 2.2 mb (PDF File)