Hong Kong Stock Exchange experienced its website being hacked while it halted derivatives trading to fix unrelated software bugs.
A technical bug was found in a vendor’s trading software for derivative financial products, which forced the exchange to suspend the trading of futures and options
Trading resumed after the exchange returned to using an older version of the software without the bug, the organization stated.
Businessman Tse Man-lai, who was behind the 2011 cyberattack, was subsequently convicted and jailed for nine months.
TPRM report: https://scoringcyber.rankiteo.com/company/hkex
"id": "hon22310423",
"linkid": "hkex",
"type": "Cyber Attack",
"date": "09/2019",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Finance',
'location': 'Hong Kong',
'name': 'Hong Kong Stock Exchange',
'type': 'Stock Exchange'}],
'attack_vector': 'Website Hacking, Software Bug',
'description': 'Hong Kong Stock Exchange experienced its website being hacked '
'while it halted derivatives trading to fix unrelated software '
'bugs. A technical bug was found in a vendor’s trading '
'software for derivative financial products, which forced the '
'exchange to suspend the trading of futures and options. '
'Trading resumed after the exchange returned to using an older '
'version of the software without the bug. Businessman Tse '
'Man-lai, who was behind the 2011 cyberattack, was '
'subsequently convicted and jailed for nine months.',
'impact': {'downtime': 'Trading of futures and options suspended',
'legal_liabilities': 'Conviction and jail time for the threat '
'actor',
'operational_impact': 'Trading halted and resumed',
'systems_affected': 'Trading software for derivative financial '
'products'},
'investigation_status': 'Resolved',
'post_incident_analysis': {'corrective_actions': 'Returned to using an older '
'version of the software '
'without the bug',
'root_causes': 'Software bugs in vendor’s trading '
'software'},
'response': {'remediation_measures': 'Returned to using an older version of '
'the software without the bug'},
'threat_actor': 'Businessman Tse Man-lai',
'title': 'Hong Kong Stock Exchange Website Hack and Trading Suspension',
'type': 'Hacking, Software Bug',
'vulnerability_exploited': 'Unrelated software bugs in vendor’s trading '
'software'}