Friday, October 1, 2010
If cyberwar and cyberterrorism is true, this is a target
I was reading this post from CBC News about the "flash crash" that occured in Dow Jones last May. The SEC report says it was entirely caused by a mistake from a single firm. Hey, the index fall 1000 points in less than one hour! With all this thing about Stuxnet around, can you imagine the impact of a "stock trading stuxnet"? If a single firm can cause that, a worm capable of doing the same thing with trading systems would cause huge losses to the market, and using Dow Jones as an example to US as a country. To make things worse, the trading systems are also becoming more and more standardized, using open protocols like FIX, what makes it even easier to develop such malware. I can also say that there's a lot of non-IT people developing software for those trading companies, what means that the best practices in software development are probably not being followed.So, there is a huge target, the opportunity and certainly people with means. That's the classic triad for "shit happening".