We all had our hands full in 2020, so many of us haven’t been paying attention to the sharp increases in cyber crime of late. It’s been a constant problem in the online trading industry, with every other week bringing news of yet another brokerage that’s had its systems compromised. In a recent post, we covered the topic and provided some best practices for brokers wanting to shore up their defences against such attacks. But what happens when the worst-case scenario comes to pass and you’re woken in the middle of the night with news that your brokerage has been hacked? That’s what we’re here to discuss today, the importance of backup brokerage systems.
Some Recent Examples
One of the most common issues that online brokerages regularly face is the DDoS (distributed denial of service) attack, where online systems are spammed with spurious requests in order to overload them and prevent legitimate users from being able to access them. Last November, UK brokerage Trading212 was hit by just such an attack. To their credit, they had their systems back up and running with very limited disruption to trading services. Back in August, New Zealand’s Stock Exchange (NZX) was also compromised in a similar manner, but didn’t fare as well, resulting in a three-day shutdown.
Data breaches are also a constant issue for online brokers, with sensitive client info commonly the target for hackers. FXCM, Pepperstone, and the Japanese arm of Saxo Bank have all been on the receiving end of such attacks of late. Recently, CNBC reported that they have come across Robinhood, Charles Schwab and TD Ameritrade login credentials for sale on the dark web.
Data breaches can often lead to ransoms demanded by attackers in exchange for not leaking the data, which can seriously erode trust in a brokerage. Alternatively, that data can be used to run credential stuffing attacks, where stolen logins are used via automated scripts to try and access other sites. This owing to the fact that many people still mistakenly reuse the same login details across online services.
Hackers can also attempt to use that data to initiate unwanted trades. Depending on how sophisticated they are, they can even attempt social engineering attacks on brokerages to hijack client identities and funds. In the case of crypto exchanges, crypto’s status as a bearer asset that can easily be moved around allows attackers even easier access to client funds.
When Worse Comes to Worst
Of course, an ounce of prevention is worth a pound of cure, but when prevention fails and your business finds itself in the midst of a cyber attack, what steps can be taken in order to minimise disruption to your operations?
Keep in mind that any breach of your systems, however minor, will require your IT department to shut everything down in order to discover the source of infection and take stock of any damage that’s been done. Depending on the scope of the attack, this can lead to down times of more than a week in which your clients will not be able to access their accounts. In such an event, the costs to your company can be significant.
Not only are you losing revenue every hour that goes by without your clients being able to trade, the damage to your brand’s reputation can also be immense. Then there’s your company’s handling of the fallout after the hack goes public, and the subsequent downtime required for your team to investigate and correct the issue. The longer this takes, the messier it gets as an ongoing problem invites online discussion, which can stick around to haunt you even after the issue is resolved.
Here at Panda, we’ve been working with our clients on both attack prevention and damage limitation strategies. After all, as a technology provider, our own reputation is also on the line in the event of potential attacks. A solution we’ve recently developed that many of our brokers have opted for, is the creation of backup systems that mirror the full brokerage infrastructure including data, hierarchies, roles and permissions, etc.
In this way, clients can have redundancies built in, so if all else should fail they can easily switch over to the backup system and have all their services up and running in 24 hours. Essentially, it’s a complete duplicate of the existing system that’s regularly updated, similar to the in the manner in which you back up your files from time to time to protect your main computer from data loss. As such, it acts as a firewalled copy of existing systems that can be switched to in the event of the main system being corrupted in any way. Brokers are finding it a cost effective way to ensure that there are contingencies in place for when all else fails.
If you’d like to discuss this or any other PandaTS solution, or want to hear more about how to secure your brokerage from cyber attacks, please get in touch with our team.
For free consultationRequest a Call