Enterprise Security

Feds Break Up Hacker-Powered Insider Trading Ring

U.S. federal law enforcement authorities on Tuesday busted an insider trading ring that obtained market-timing information from overseas data thieves.

In two indictments unsealed by the U.S. Department of Justice in Brooklyn, N.Y., and Newark, N.J., nine people were charged in federal court with carrying out an international scheme to hack into three business newswires, steal yet-to-be published press releases, and use them to make trades that generated approximately $30 million in illegal profits.

The U.S. Securities and Exchange Commission at the same time unsealed a civil complaint against the nine indicted defendants and several other individuals and entities.

The defendants hacked into the newswires and stole confidential information about companies traded on the Nasdaq and NYSE, according to the indictments.

Some 150,000 confidential press releases were nicked from the servers of Marketwired, Business Wire and PR Newswire. More than 800 of the releases were used to trade ahead of the news and generate millions of dollars in illegal profits, the indictments allege.

The scheme is the largest of its kind ever prosecuted, according to DoJ.

Take Security Seriously

“The defendants launched a series of sophisticated and relentless cyberattacks against three major newswire companies, stole highly confidential information, and used [it] to enrich themselves at the expense of public companies and their shareholders,” said Paul J. Fishman, U.S. Attorney for the New Jersey District.

The wire services cooperated with the federal investigators’ operations.

Protecting customers’ information is one of Marketwired’s highest priorities, it said, noting that it had found and fixed the issue that allowed the intrusions, and maintaining that its security, monitoring and prevention practices are world-class.

“At PR Newswire, we take security very seriously and are dedicated to protecting our information and systems,” said CEO Robert Gray. “As cybersecurity threats continue to evolve, so will our information security practices.”

After learning about the breach of its systems, Business Wire had a “prominent cybersecurity firm” perform forensic tests on its systems to ensure their security.

“We devote substantial resources annually to security, including multiple security audits by leading industry consultants,” said CEO Cathy Baron Tamraz. However, “despite extreme vigilance and commitment, recent events illustrate that no one is immune to the highly sophisticated illegal cyberintrusions that are plaguing every aspect of our society.”

Undermines Markets

The shady traders created “wish lists” for the hackers, identifying press releases they considered desirable, according to the DoJ indictments. After receiving a press release on the list, they would make trades based on the news in the release, which had not yet been made public.

Among the hundreds of companies targeted by the illegal trading ring: Align Technology, Caterpillar, Hewlett Packard, Home Depot, Panera Bread and Verisign.

Stolen press releases were stored on overseas Web servers. The traders paid the hackers for access, with rates keyed to a percentage of their take from the illegal trades. The groups divvied up the profits through foreign shell companies.

Insider trading schemes can damage confidence in the markets, noted Jake Olcott, a former legal advisor to the Senate Commerce Committee and counsel to the House of Representatives Homeland Security committee. Olcott currently is vice president of business development for BitSight.

“Any time you get a situation like this, where it causes people to question the underlying premise of the market, it raises fundamental questions in the minds of investors about the system and can undercut confidence in the system,” he told the E-Commerce Times.

More Lucrative Than Credit Card Fraud

The United States makes efforts to ensure that its markets operate fairly, but those values aren’t shared by hackers in the former Soviet Union and its satellites, noted Tom Kellermann, chief cybersecurity officer at Trend Micro.

“They are saying they’re not going to play by the rules of capitalism,” he told the E-Commerce Times.”They recognize that given their technological superiority, they can maintain omniscience in the markets, and they can precipitate insider trading and front-running at will against specific targets,” Kellermann said.

“That’s especially true if they’re targeting not a hardened multinational but its information supply chain — an information supply chain that’s only undergone very high level, check-the-box paperwork exercises of due diligence and risk management,” he continued.

“After the financial crisis, the Eastern European Russian-speaking underground forums became educated as to the nuances of how the financial sectors of the world truly operated, and how market information — before it’s released — is more valuable than cash, credit cards or intellectual property,” Kellermann explained.

Stiff Penalties

In the New Jersey indictment, five defendants — Ivan Turchynov, 27, Oleksandr Ieremenko, 24, and Pavel Dubovoy, 32, all of Ukraine; and Arkadiy Dubovoy, 51, and Igor Dubovoy, 28, of Alpharetta, Georgia — were charged with wire fraud, securities fraud, wire fraud conspiracy, securities fraud conspiracy and money laundering conspiracy.

Turchynov and Ieremenko additionally were charged with computer fraud, computer fraud conspiracy and aggravated identity theft.

In the New York indictments, four defendants — Vitaly Korchevsky, 50, of Glen Mills, Pennsylvania; Vladislav Khalupsky, 45, of Brooklyn, N.Y., and Odessa, Ukraine; Leonid Momotok, 47, of Suwanee, Georgia; and Alexander Garkusha, 47, of Cummings and Alpharetta, Georgia — were charged with securities fraud, securities fraud conspiracy, wire fraud conspiracy and money laundering conspiracy.

Five of the nine defendants were arrested Tuesday, DoJ said. International arrest warrants have been issued for Turchynov, Ieremenko, Pavel Dubovoy and Khalupsky, who were in Ukraine.

Penalties for the alleged crimes include a maximum 20-year jail sentence and $250,000 fine, or twice the gain or loss from the offense.

John Mello is a freelance technology writer and contributor to Chief Security Officer magazine. You can connect with him on Google+.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories
More by John P. Mello Jr.
More in Enterprise Security

E-Commerce Times Channels