Cyber-Criminals attacking the Financial Markets

by Hugh McDermott

Cyber criminals are increasingly organised and sophisticated in their exploitation of financial markets. As most investors rely on the internet for market information, criminals abuse this trend to victimise investors and generate significant illegitimate proceeds, destabilising market integrity in the process.

Despite this problem, no single regulatory agency or police force is investigating and prosecuting these crimes in a co-ordinated, concerted or effective manner.

Several forms of cyber-crime that impact the financial market have occurred recently in Australia.

Internet pump and dump schemes involve advertising a company's stock through false and misleading statements to the marketplace, spread via spam, web postings and internet forums. After pumping the stock, fraudsters make profits by selling their cheap stock into the market. As the price decreases and liquidity in the shares falls, victims are left holding shares at their deflated value.

Online outsider trading involves hacking into company accounts to obtain announcements or stock reports before they are released to the market. This information is then relied on to trade shares before the market is informed.

Compromised on-line share trading accounts involve the criminal gaining access to a third party's on-line trading account, which is then used to manipulate the market.

The primary legislation regulating Internet content and prosecuting internet related offences is the Cybercrime Act 2001. To date there have been no effective prosecutions involving cyber-crime on the financial markets under this or other related legislation.

Given this lack of enforcement, the potential effect on the market is significant, with Australian investors at risk of being targeted by Australian and international criminals whose activity is largely undetected by Australian regulators and law enforcement.

There are at least 13 domestic agencies with an interest in cyber-crime. But while these agencies address cyber-crime as it relates to their focus, they do not have the financial markets as a priority. This is because the strategic focus of all agencies, with the exception of ASIC, is on areas other than financial market integrity. Police focus upon child pornography and ID fraud, the ATO focuses on the use of the internet to breach tax laws, and the ACMA focuses on monitoring online content and spam. This leaves a sizeable gap in the regulation of cyber-crime affecting financial markets which falls within the jurisdiction of ASIC under the Corporations Act 2001.

The last successful court action taken by ASIC relating to cyber-crime was in 2005. The case involved a company that used a website as an investment tool to offer unlicensed financial advice to investors.

Prior to this, ASIC commenced court proceedings for internet related offences on six separate occasions. It accepted enforceable undertakings on four occasions and shut down four different websites offering unlicensed financial and securities investment advice.

Exactly why ASIC stopped identifying, investigating and prosecuting these types of offences is a mystery.

Outdated monitoring tools may be part of the problem. ASIC launched an internet classification scheme called Scamseek in 2004 to identify websites offering unlicensed financial and securities investment advice. Although Scamseek identified various websites and ASIC took action against some of them, the technology has not been effectively utilised since 2004. Investigators complain that Scamseek became outdated soon after it was implemented. It cannot identify common methods now used to offer illegal investment advice such as chat rooms and web board postings, nor the more sophisticated acts of compromising trading accounts or corporate domains that have evolved over recent years.

Australia is not alone in struggling to keep up with the constantly evolving methods cyber criminals use to attack financial markets. The North American and European experience is that market related cyber-crime is a significant and increasing problem. Apart from simple price manipulation, criminals are adopting more sophisticated activities such as hacking legitimate investment internet sites, then replicating them and changing the destination of invested funds, or creating an unregistered, unregulated futures market on the internet.

The response by US regulators has included Securities Fraud Market Manipulation initiatives that aggressively pursue corrupt participants in the financial markets. These initiatives use covert activities and include a focus on curbing the rising threat posed by market manipulations carried out via computer intrusion. The US SEC has established an Office of Internet Enforcement which actively investigates and prosecutes cyber-crimes in co-ordination with the FBI's Cyber Division and the US Secret Service Electronic Crimes Taskforce.

ASIC has no strategy to combat cyber-crime and protect retail investors and consumers or the integrity of Australia's capital markets.

If left largely unchecked, potential cumulative losses and damage from cyber-crime on financial markets could rival Australia's largest corporate frauds.

There is a clear need for ASIC to establish a dedicated team to monitor, investigate and prosecute people committing cyber-crime on the financial market and co-ordinate with domestic and foreign regulators and law enforcement on intelligence, investigations and criminal trends. There is an opportunity for ASIC to lead a renewed program to investigate and examine the extent of misconduct in this area and the degree of impact on the Australian market. It would be a significant failure if it did not do so.