Category Archives: Cyber attacks

28/9/19: Evidence of Systemic Risk from Major Cybersecurity Breaches

In our post for Columbia Law School's CLS Blue Sky Blog, myself and Shaen Corbet explain in non-technical terms our ground-breaking findings on systemic nature of cybersecurity risks in financial markets:

LexBlog link: https://www.lexblog.com/2019/09/26/evidence-of-systemic-risk-from-major-cybersecurity-breaches/
CLS link: http://clsbluesky.law.columbia.edu/2019/09/27/evidence-of-systemic-risk-from-major-cybersecurity-breaches/
Original working paper: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3033950
Published paper: https://www.sciencedirect.com/science/article/pii/S1057521919300274.

Our study is the first in the literature showing evidence of systemic contagion from cyber attacks on one company to other companies and stock exchanges.

Based on these findings, we have a chapter forthcoming in an academic volume on the future of regulation, proposing a novel mechanism for regulatory detection, monitoring and enforcement of cybersecurity risks. We will post this chapter when it goes to print, so stay tuned.

20/9/19: New paper: Systematic risk contagion from cyber events

Our new paper, "What the hack: Systematic risk contagion from cyber events" is now available at International Review of Financial Analysis in pre-print version here: https://www.sciencedirect.com/science/article/pii/S1057521919300274.

Highlights include:

We examine the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations.
The volatility generated due to cybercrime events is shown to be dependent on the number of clients exposed.
Significantly large volatility effects are presented for companies who find themselves exposed to hacking events.
Corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns.
Companies with lower levels of market capitalisation are found to be most susceptible to share price reductions.
Minor data breaches appear to be relatively unpunished by the stock market.

19/4/18: Geopolitical Risk: Who Cares?..

Geo-political risks, geo-shmalitical risks... who cares... not the markets...

None of the geopolitical risks registered on S&P 500 companies reporting radar according to Factset in 1Q 2018 https://insight.factset.com/more-than-half-of-sp-500-companies-citing-positive-impact-from-fx-on-q1-earnings-calls. This is not very surprising as majority of earnings for 1Q accumulated before any spikes in these, and as "Tariffs" category probably absorbed the 'China' effect. Notably, however, earnings were impacted adversely by trade conflict and cyber risks (total of 3/25 companies impacted).

28/11/17: Hacking the market: Systemic contagion from cybersecurity breaches

Our article for LSE Business Review is now live on the site: http://blogs.lse.ac.uk/businessreview/2017/11/28/hacking-the-market-systemic-contagion-from-cybersecurity-breaches/.

You can read (free) our paper, on which this article is based, in full here: Corbet, Shaen and Gurdgiev, Constantin, What the Hack: Systematic Risk Contagion from Cyber Events (September 7, 2017). Available at SSRN: https://ssrn.com/abstract=3033950.

Enjoy.

15/4/17: Swift & Digital Money: Cybersecurity Questions

Swift, the interbank clearance system, has been the Constantinople of the financial world's fortresses for some time now. Last year, writing in the International Banker (see link here), I referenced one cybersecurity incident that involved Swift-linked banks, and came close to Swift itself, although it did not breach Swift own systems. The response from Swift was prompt, pointing out that there has never been a cybersecurity breach at Swift.

Well, it appears that the fortress is no more. Latest reports suggest that NSA (a state actor in cybersecurity world) has successfully breached Swift firewalls. Details are here:
http://www.reuters.com/article/us-usa-cyber-swift-idUSKBN17H0NX.

From financial services and economy perspective, this is huge. Take a macro view: for years we have been told that cash and physical gold and silver are not safe. And for years this argument has been juxtaposed by the alleged 'safety' of digital money (not the Bitcoin and other cryptos, which the Governments loath and are keen on declaring 'unsafe', but state-run Central-Banks-operated digital money). The very notion of e-finance or digital finance rests on the basic tenet of infallibility of Swift. That infallibility is now gone. Welcome to the brave new world where the Governments promise you safe digital money in exchange for privacy and liquidity, while delivering a holes-ridden dingy of a system that can and will be fully compromised by the various states' actors and private hackers.

Come here, doggie, doggie! Have a treat...