Three Chinese miscreants have made millions on the stock market using insider information stolen from US law firms.
That’s according to America’s financial watchdog, the SEC, which this month won a default judgment against the trio. The blokes infiltrated systems used by two New York law firms, extracted confidential documents describing upcoming mergers and acquisitions, and traded shares capitalizing on this information, we’re told.
Chinese citizens Iat Hong, 26, Bo Zheng, 30, and Hung Chin, 50, were fined $8,895,561.12 after the SEC claimed they infected legal firms with malware. US District Judge Valerie Caproni of the Southern District of New York also issued an order [PDF] freezing any funds the trio had in the US.
“As we allege, the defendants’ ‘hacking to trade’ scheme involved numerous levels of deception as they gained broad access to the nonpublic networks of two law firms, stole confidential information and then used it for substantial personal gain,” SEC crime-buster Antonia Chion previously claimed.
建议企业加强员工教育培训,强化保护客户信息安全意识;完善客户信息安全保护措施,规范管理客户信息查询修改系统;正确规范、引导公司职工行为。
“This action marks the end of their alleged deception and serves as a stark reminder to companies and firms that your networks can be vulnerable targets.”
According to US prosecutors – who brought criminal charges against the trio in 2016 – the crew hacked into IT administrator accounts, giving them root access to internal staff emails. Seven law firms that specialized in mergers and acquisition were targeted, and two fell victim.
The Dept of Justice claims the organizations were compromised between April 2014 and late 2015, and that the trio used information gleaned from the mailboxes to buy stock in at least five publicly traded companies before they were bought by other businesses – banking over $4m in profit.
The two law firms in question appear to have had little or no intrusion protection systems, since the attackers were able to download 50GB of data from one of them without raising an alarm. In that case the trio are accused of using inside information on Intel’s purchase of Altera to reap profits of $1.4m.
Their pattern of trading was, however, picked up by SEC trading computers and flagged as possibly dodgy. The SEC moved on the case and informed prosecutors.
“As alleged, the defendants – including Iat Hong, who was arrested in Hong Kong on Christmas Day – targeted several major New York law firms, specifically looking for inside information about pending mergers and acquisitions,” then-Manhattan US Attorney Preet Bharara said in December.
“This case of cyber-meets-securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals.”
Hong and Chin were well used to using malware to further their aims, according to prosecutors. They ran a robotics controller chip manufacturing business in Hong Kong, and it’s claimed they also used software nasties to hack into competitors and steal product plans and proprietary design schematics. Hong was arrested in Macau although we know of no extradition process.
The three have been charged in the US with conspiracy to commit securities fraud, conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer intrusion, unlawful access, and intentional damage. If found guilty they could spend 70 years in prison – if they ever reach American soil. ®
云南城投(600239)融资融券信息(05-09)

Sponsored:
Continuous lifecycle London 2017 event. DevOps, continuous delivery and containerisation. Register now
在社会上,通过社会工程学从而欺诈他人的实例已经不少,不少犯罪分子通过冒充公安局人员,以涉及洗钱案要冻结银行账户为由,欺诈了不少人的钱财,为什么类似这样的案例这么多呢?

猜您喜欢

网络订餐平台食品安全信息将全面公开
安全基础理论课程助力培养全民网络安全意识
中国企业走出去,我们助力国际化人才的培训:
文在寅宣誓就职:可随时访美 条件允许也可访朝
SNOOPWIRE NYHETERNORGE
信息安全产业破局在普及信息安全意识