Hackers Give Middle East Exchanges Black Eyes

Downed websites are more than an inconvenience.

This week saw the Arab–Israeli conflict take on a new dimension. Hackers have started attacking the websites of the Tel Aviv Stock Exchange, the Saudi Stock Exchange and the Abu Dhabi Securities Exchange.

According to news reports, the Israeli and Saudi sites were brought down, while the Abu Dhabi website experienced serious performance delays.

Since the beginning of the year, the Middle East has faced an escalation of cyber-attacks, starting with stolen credit card account information from popular e-commerce websites and now attacks on the financial services industry.

It is hard to determine the motivation behind the various hackers involved. Were the attacks fueled by patriotism or were they financial crimes wrapped in the convenient banner of ethnic conflict? Where did the stolen credit card numbers go and who benefited from them?

At the end of the day, these attacks did not affect trading on the exchanges, nor did they penetrate the network and application linkages between the markets and their clients.

However, these sorts of cyber-attacks should not be taken lightly. It is not an issue of the core business of exchanges, banks or any other financial firms getting hacked, but the perception that these organizations are vulnerable.

Call it "reputational risk" or "a PR black eye," but these events definitely have effects on the targeted organizations that might not be easily measured.

I doubt any firm has a two-tier security model with the highest security for the actual financial transaction and a somewhat looser model for everything else. Given the growing number of criminals, and most likely state-approved attacks, firms need to bring their cyber-security A-game to all of their publicly facing presences—whether it is core to their business or not.