CyberWolf: Assessing vulnerabilities of ICT-intensive financial markets

The volume of transactions in financial markets is impressive: E.g., every four days an amount similar to the USA GDP flows through the Forex (foreign exchange, which is only one of the several financial markets). Currently, financial markets are ICT-driven, i.e., about 60% of transactions are automatically launched by computers and the annual impact of such transaction is greater than 30 times the world GDP. The growing complexity of financial instruments has led to an increase in the underlying technology, and consequently it opened the door to vulnerabilities in the security and control systems. In this paper we illustrate CyberWolf, a novel attack that exploits a vulnerability of the financial market control system. The aim of the attack is creating the possibility of carrying out transactions of financial products at prices which differ significantly from their real value. In particular, CyberWolf exploits the delay of actions of market makers, who are the entities responsible for regulating the price of the financial instruments exchanged. Interestingly, the attack can be performed against big financial markets and by using a cheap setting; we show the feasibility of our attack against the Italian Stock Exchange (FTSE-MIB) by using only a laptop and a DSL internet connection. We consider the Italian Stock Exchange as a stress-test example for this kind of attack, because it is a liquid financial market (with just a few illiquid instruments) and has an effective regulator. Performing this attack on smaller and / or poorly regulated markets could lead to pathological situations that are not representative of a general case. The purpose of this paper is to highlight the possibility of fraudulent transactions, created by traders who by-pass the control of market regulator.