Suspect arrested over Hong Kong Stock Exchange web attacks

Filed Under: Denial of Service, Law & order

Less than two weeks ago, web services at the Hong Kong Stock Exchange (HKEx) were hit by Distributed Denial of Service (DDoS) attacks for two days in a row.

Although the bourse's CEO, Charles Li, said no trading or financial systems were breached in the attacks, trading was affected for several hours.

Backup plans were made for HKEx to publish important company results the old-fashioned way - in local newspapers - to reduce the market's reliance on HKEx's web presence.

Reports at the time of the DDoSes suggested that a botnet had been used, since the attacks originated from a wide range of sources around the world.

This makes botnets harder to stop, since there is no easily-recognisable starting point or pattern to the malicious traffic. It also makes botnet operators harder to track down, for precisely the same reason.

Nevertheless, a man was recently arrested in Hong Kong in connection with the attack. Details are still sketchy: his name has not been released, and the nature of the charges and evidence against him is not yet known.

All that has appeared in the media so far is that the suspect is allegedly a 29-year-old businessman, and was arrested in Kwun Tong, a largely industrial area in the east of Kowloon.

, , , , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog