DOCSLIB.ORG

Who's Spying on You? | Cyber-Espionage Whitepaper

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Who's Spying on You? | Cyber-Espionage Whitepaper SPECIAL REPORT WHO’S SPYING ON YOU? No business is safe from cyber-espionage With Kaspersky, now you can. kaspersky.com/business Be Ready for What’s Next CONTENTS “Many cyberattacks can be mitigated by relatively Cyber-espionage: simple measures. Why should your business care? 4 Espionage is nothing new 5 Unfortunately, some What do the perpetrators gain? 7 people fail to take Is any business safe? 8 what appear to be basic precautions – such as Methods of spreading cyber-espionage malware 14 using strong passwords, Beyond cyber-espionage 16 applying patches and How can you protect running a security your business? 17 solution. In many cases, How Kaspersky Lab security breaking into a company’s technologies can help 22 network is easier than Appendix: it sounds.” An overview of some COSTIN RAIU significant cyberthreats 28 “High-profile targeted DIRECTOR, GLOBAL RESEARCH & ANALYSIS TEAM A cyber-glossary 30 KASPERSKY LAB attacks on enterprises About Kaspersky 34 are becoming increasingly widespread. Thousands of businesses have already been hacked and had their sensitive data stolen – resulting in multi-billion dollar losses. Cyber-espionage is a tangible and growing global threat today – and fighting it is one of the principal tasks we’ve set ourselves.” EUGENE KASPERSKY CEO, KASPERSKY LAB 2 3 WHY SHOULD YOUR BUSINESS ESPIONAGE IS NOTHING NEW CARE ABOUT CYBER-ESPIONAGE? EXECUTIVE OVERVIEW Espionage, in one form or another, has existed for as long as any Cyber-espionage may sound like some strangely exotic activity from organisation or individual has felt that it could gain an advantage the movies. However, the harsh reality is that almost any business by illicitly accessing someone else’s confidential information. Everyone’s can become a target – or can be damaged in the crossfire when familiar with various nation states’ attempts to steal other countries’ cybercriminals launch an attack against another organisation. secrets. Similarly, industrial espionage has also been a feature of business life for a long time. However, recent years have seen a dramatic change in It’s largely immaterial whether your business is being directly targeted the level and nature of the espionage threats that can affect businesses or just happens to suffer collateral damage as a result of getting of all sizes. caught up in another organisation’s ‘battle’. Either way, the results can be devastating. The ease with which cyber-espionage campaigns can be implemented is now In this report, Kaspersky Lab’s cybersecurity experts give you an enticing more organisations into running their own spying activities – even insight into: though many of these organisations would never have considered undertaking old-fashioned industrial espionage. • How businesses can suffer from direct – and indirect – cyber-espionage attacks • What you can do to protect your business… and its hard-won reputation • How specific technologies can help defend your corporate network and data against sophisticated threats The risks are real – and they’re growing in volume and sophistication – but Kaspersky is here with sound advice… and innovative protection technologies. 4 5 WHat DO THE PERPetratORS SO WHat’S CHANGED? SIMPLIFIED SPYING… WITH MORE As the Internet-enabled age gathered IMMEDIate rewardS GAIN FROM CYBER-ESPIONAGE? pace and greater connectivity and Gone are the days of having to break improved mobile communications into office premises or patiently became possible, businesses were wait for ‘insider contacts’ to gather quick to recognise the benefits of information and pass on secrets. giving their employees, customers Rummaging through a company’s and suppliers ‘anywhere, anytime wastepaper bins or paying office staff access’ to business systems and to collect data was always inefficient, DIFFERENT TYPES OF attackerS “Information is power – so, when essential data. The efficiency and time-consuming and risky. Now, it’s HAVE DIFFERENT OBJECTIVES: a cybercriminal steals information, productivity benefits have been simply unnecessary. With the right • Cybercriminals readily the theft can neutralise any considerable – even ‘game changing’ computer hacking skills, individuals understand the value of advantage enjoyed by the original for many businesses, as the Internet and organisations can spy on corporate information. There owner of the data. has helped them to open up new companies and obtain valuable are opportunities to gain from This applies whether the target sales channels and generate information – without ever having extortion and ransom campaigns – is a nation state – holding military additional revenues. to leave the comfort of their office. as well as selling stolen data secrets – or a business with on the black market. intellectual property and However, that same ‘always-on Businesses can be attacked via • Hacktivists focus on causing commercial secrets that give connectivity’ – to business insecurities in their own website, reputation damage and disruption them a competitive advantage.” information and other sensitive data through vulnerabilities in popular to organisations that the – has also created opportunities business software that they’re hacktivists have issues with. They SERGEY LOZHKIN for cybercriminals. With businesses running or as a result of their realise that a leak of confidential SECURITY RESEARCHER GLOBAL RESEARCH & ANALYSIS TEAM storing intellectual property and employees clicking on malware- information – about customers, KASPERSKY LAB confidential information within infected emails. suppliers or employees – could networked systems, spying lead to severe embarrassment operations are much easier to and/or significant legal penalties. implement and can be much more • Cyber-mercenaries seek payment “Businesses of all sizes process rewarding for the perpetrators. from anyone who will hire them – and store data that’s of value including governments, protest to themselves, their customers groups or businesses – to steal and/or their competitors. CYberattackS HAVE A SEVERE specific information. WHEN BUSINESSES LOSE data… Even a simple database of IMPact ON A BUSINESS’S • Nation states (government … THEY OFTEN LOSE MUCH MORE customer contact information ‘BOttOM LINE’ agencies) – or their contractors – is valuable.” AVERAGE LOSSES IN THE EVENT OF A AVERAGE COST OF A Data LOSS INCIDENT focus on collecting strategic targeteD CYberattack: FOR A LARGE ENTERPRISE: information or disrupting industrial PETER BEARDMORE facilities in hostile countries. SENIOR DIRECTOR OF PRODUCT MARKETING KASPERSKY LAB $2.4MSource: Global Corporate IT Security Risks 2013, B2B International Source:$649,000 Global Corporate IT Security Risks 2013, B2B International 6 7 IS ANY BUSINESS SAFE FROM CYBER-ESPIONAGE? IS YOUR BUSINESS A PRIME GOOGLE, ADOBE AND OTHERS attacked tarGET? Described as a watershed moment in It is easy to understand why cybersecurity, the Operation Aurora attack hit government organisations and Google, Adobe and over 30 other high profile military agencies are subjected companies in 2009. to cyber-espionage attacks. Apart Despite efforts to address the software from state-sponsored initiatives, vulnerabilities that were exploited by the independent protest groups often attackers, in 2012 it was revealed that the The simple answer is no. Even the smallest businesses can be directly attempt to disrupt government exploit continued to target defence contractors and the supply chains of third-party companies. targeted for the sensitive or valuable information they hold – from operations or steal sensitive customer banking details, to supplier information or even data that can information. Cyber-mercenaries The attackers seek to gain control over be used to help stage an attack on a larger enterprise. also target government bodies – corporate systems and steal sensitive data. to fulfil their employers’ objectives Insecure websites and email phishing strategies are at the heart of what is widely For example, ‘supply chain attacks’ – such as IceFog (see Appendix I) – for stealing money or data. believed to be a state-sponsored cyber- collect information from various third-party bodies/suppliers and then espionage attack. use that data to develop and enable targeted attacks against specific Similarly, because they hold a businesses or organisations. wealth of valuable information – and have hard-won business AttackS AGAINST AMERICAN EXPRESS AND reputations that they need to JP MORGAN CHASE protect – large enterprises and “When you’re assessing the risks to your business, never multinational corporations are In 2013, both American Express and underestimate how the ‘human element’ can weaken your also obvious targets for a vast JP Morgan Chase became the victims of cyberattacks that were claimed to have been defences. If employees fall for spear-phishing campaigns or array of different types launched by a religious group. However, US click on an ‘infected’ link in an email, your security could be of cyberattack, including intelligence and security experts believe that cyber-espionage. Iran was responsible for the attacks. at risk.” The attacks took both companies offline for SERGEY LOZHKIN several hours. SECURITY RESEARCHER GLOBAL RESEARCH & ANALYSIS TEAM Over a six-week period at the beginning of KASPERSKY LAB 2013, 15 of the US’s largest banks suffered a total of 249 hours offline as a result of cyberattacks. “It doesn’t matter if you’re talking about a Fortune 500 Company, or a two-person start-up operating in someone’s parents garage. Everyone has something to
Load more

Recommended publications
  • Better Market Intelligence with Smart Search Anaging Uncertainty and Risk in Business Requires a 1 Mcomprehensive Market Intelligence Approach
    Better Market Intelligence with Smart Search anaging uncertainty and risk in business requires a 1 Mcomprehensive market intelligence approach. But maintaining ongoing knowledge of competitor activity/strategies, not to mention the latest legal and regulatory shifts and economic factors, is more difficult than ever before. Defining a competitive set has never been more complicated A clear view of your competitor landscape is essential. Unfortunately, comprehensively tracking competitors can be imprecise and hard to measure when competitive lines are shifting such as: Entrenched players expand into a new vertical (e.g., Amazon buys Whole Foods) Disruptive startups radically change a competitive landscape overnight (especially since disruptors are hard to track due to a nascent digital footprint). Information overload + data fatigue Historically, market intelligence programs operated under the belief that analysis of competitors could be based exclusively on publicly available information.1 While some high quality secondary sources of A wealth of information information—for example, broker research—are not is a double-edged sword. free for the general public, it is true that a wealth of It creates noise, making it information about companies is readily available on difficult to hone in on the the Internet. most relevant information But a wealth of information is a double-edged sword. to your precise interests. It creates noise, making it difficult to hone in on the most relevant information to your precise interests. It’s easy to publish unverified, uncited information, making it too easy for a company to push a strategic communications message that’s impossible to verify (for example, “We’ll be first to market with this cancer-stopping drug”).
    [Show full text]
  • Kaspersky Lab, Inc. V. United States, No
    United States Court of Appeals FOR THE DISTRICT OF COLUMBIA CIRCUIT Argued September 14, 2018 Decided November 30, 2018 No. 18-5176 KASPERSKY LAB, INC. AND KASPERSKY LABS LIMITED, APPELLANTS v. UNITED STATES DEPARTMENT OF HOMELAND SECURITY AND KIRSTJEN M. NIELSEN, IN HER OFFICIAL CAPACITY AS SECRETARY OF HOMELAND SECURITY, APPELLEES Consolidated with 18-5177 Appeals from the United States District Court for the District of Columbia (No. 1:17-cv-02697) (No. 1:18-cv-00325) Scott H. Christensen argued the cause for appellants. With him on the briefs were Ryan P. Fayhee and Stephen R. Halpin III. Lewis S. Yelin, Attorney, U.S. Department of Justice, argued the cause for appellees. With him on the brief was H. Thomas Byron, III. 2 Before: TATEL, Circuit Judge, and EDWARDS and GINSBURG, Senior Circuit Judges. Opinion for the Court filed by Circuit Judge TATEL. TATEL, Circuit Judge: Kaspersky Lab is a Russian-based cybersecurity company that provides products and services to customers around the world. Recently, however, Kaspersky lost an important client: the United States government. In September 2017, based on concerns that the Russian government could exploit Kaspersky’s access to federal computers for ill, the Acting Secretary of Homeland Security directed federal agencies to remove the company’s products from government information systems. And a few months later, Congress broadened and codified that prohibition in the National Defense Authorization Act. Kaspersky sued, arguing that the prohibition constitutes an impermissible legislative punishment—what the Constitution calls a bill of attainder. The government responded that the prohibition is not a punishment but a prophylaxis necessary to protect federal computer systems from Russian cyber-threats.
    [Show full text]
  • Commercial and Industrial Cyber Espionage in Israel
    Commercial and Industrial Cyber Espionage in Israel Shahar Argaman and Gabi Siboni Cyberspace is especially suited to the theft of business information and to espionage. The accessibility of information, along with the ability to remain anonymous and cover one’s tracks, allows various entities to engage in the theft of valuable information, an act that can cause major damage. Israel, rich in advanced technology and a leader in innovation-based industries that rely on unique intellectual property, is a prime target for cyber theft and commercial cyber attacks. This article examines the scope of cyber theft and cyber industrial espionage globally, and attempts to estimate how much !nancial damage they cause in countries around the world and in Israel. It seeks to raise awareness of the extent of the phenomena among the relevant authorities in Israel and provide recommendations on how to grapple with it. Keywords : Cyber, espionage, industrial espionage, intellectual property, cyber crime, cyber theft, technology “There are two types of companies: companies that have been breached and companies that don’t know they’ve been breached…. The vast majority of companies have been breached.” 1 Shawn Henry The director of the National Security Agency, Gen. Keith Alexander, called cybercrime “the greatest transfer of wealth in history.” The price tag for intellectual property theft from U.S. companies is at least $250 billion a year .2 Shahar Argaman is the director of the National Cyber Sta!. Col. (ret.) Dr. Gabi Siboni is the head of the Military and Strategic A!airs Program and Cyber Security Program at INSS. Military and Strategic Affairs | Volume 6 | No.
    [Show full text]
  • What You Should Know About Kaspersky
    What you should know Proven. Transparent. about Kaspersky Lab Independent. Fighting for your digital freedom Your data and privacy are under attack by cybercriminals and spy agencies, so you need a partner who is not afraid of standing beside you to protect what matters to you most. For over 20 years, Kaspersky Lab has been catching all kinds of cyberthreats. No matter whether they come from script kiddies, cybercriminals or governments, or from the north, south, east or west. We believe the online world should be free from attack and state-sponsored espionage, and will continue fighting for a truly free and safe digital world. Proven Transparent Independent Kaspersky Lab routinely scores the highest We are totally transparent and are making As a private company, we are independent marks in independent ratings and surveys. it even easier to understand what we do: from short term business considerations and institutional influence. • Measured alongside more than 100 other • Independent review of the company’s well-known vendors in the industry source code, software updates and We share our expertise, knowledge • 72 first places in 86 tests in 2017 threat detection rules and technical findings with the world’s • Top 3 ranking* in 91% of all product tests • Independent review of internal security community, IT security vendors, • In 2017, Kaspersky Lab received processes international organizations, and law Platinum Status for Gartner’s Peer • Three transparency centers by 2020 enforcement agencies. Insight** Customer Choice Award 2017, • Increased bug bounty rewards with up in the Endpoint Protection Platforms to $100K per discovered vulnerability Our research team is spread across the market world and includes some of the most renowned security experts in the world.
    [Show full text]
  • Competitive Intelligence: Systematic Collection and Analysis of Information
    Journal of Critical Reviews ISSN- 2394-5125 Vol 6, Issue 5, 2019 Competitive Intelligence: Systematic Collection and Analysis of Information Kundharu Saddhono1, Jacky Chin2, Apriana Toding3, Muhammad Nuzul Qadri4, Ismail Suardi Wekke5 1Universitas Sebelas Maret, Indonesia. E-mail: [email protected] 2Industrial Engineering Department, Mercu Buana University, Jakarta 11650, Indonesia 3Department of Electrical Engineering, Universitas Kristen Indonesia Paulus, South Sulawesi, Indonesia 4Sekolah Tinggi Ilmu Ekonomi Enam Enam, Kendari, Indonesia 5Sekolah Tinggi Agama Islam Negeri (STAIN) Sorong, Indonesia Received: 17.11.2019 Revised: 14.12.2019 Accepted: 18.12.2019 Abstract: Nowadays data is that the economic basis of every company. One has to understand the merchandise, the technology behind it, however additionally the client, the contestant and different circumstances that influence the business. The scientific term for the need information of data gathering and its transformation into applicable knowledge is Competitive Intelligence. This thesis focuses on three queries concerning competitive intelligence that area unit coupled during a model. First off it offers an outline concerning the foremost vital styles of competitive intelligence. Supported three sorts, specifically Market Intelligence, contestant Intelligence and Internal Intelligence, it raises the question if there area unit industry- specific necessities and general key aspects of the activity. The main focus cluster consists of fifteen international corporations from completely different industries that were analyzed with regard to military operation and kinds of competitive intelligence activities. Secondly the thesis considers legal aspects. It asks however effective international treaties and European laws area unit in terms of legal action of unfair competition and protection of material possession rights.
    [Show full text]
  • Last Summer, the World's Top Software-Security Experts Were
    A DeclarationLast summer, the world’s top software-security experts were of Cyber-War panicked by the discovery of a drone-like computer virus, radically different from and far more sophisticated than any they’d seen. The race was on to figure out its payload, its purpose, and who was behind it. As the world now knows, the Stuxnet worm appears to have attacked Iran’s nuclear program. And, as MICHAEL JOSEPH GROSS reports, while its source remains something of a mystery, Stuxnet is the new face of 21st-century war: invisible, anonymous, and devastating 152 VANITY FAIR PHOTOGRAPHS BY JONAS FREDWALL KARLSSON APRIL 2011 A DeclarationLast summer, the world’s top software-security experts were of Cyber-War panicked by the discovery of a drone-like computer virus, radically different from and far more sophisticated than any they’d seen. The race was on to figure out its payload, its purpose, and who was behind it. As the world now knows, the Stuxnet worm appears to have attacked Iran’s nuclear program. And, as MICHAEL JOSEPH GROSS reports, while its source remains something of a mystery, Stuxnet is the new face of 21st-century war: invisible, anonymous, and devastating GAME OF SHADOWS Eugene Kaspersky, co-founder and C.E.O. of Kaspersky Lab— a Moscow-based computer-security company and an early investigator of Stuxnet—photographed on the Bolshoy Moskvoretsky Bridge, FOR DETAILS, GO TO VF.COM/CREDITS near the Kremlin. APRIL 2011 153 “PERSON OF INTEREST” Computer-security researcher Frank Rieger, one of the !rst to study the Stuxnet worm closely, at Berlin’s Chaos computer Club.
    [Show full text]
  • Espionage Against the United States by American Citizens 1947-2001
    Technical Report 02-5 July 2002 Espionage Against the United States by American Citizens 1947-2001 Katherine L. Herbig Martin F. Wiskoff TRW Systems Released by James A. Riedel Director Defense Personnel Security Research Center 99 Pacific Street, Building 455-E Monterey, CA 93940-2497 REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing the burden, to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704- 0188), 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS. 1. REPORT DATE (DDMMYYYY) 2. REPORT TYPE 3. DATES COVERED (From – To) July 2002 Technical 1947 - 2001 4. TITLE AND SUBTITLE 5a. CONTRACT NUMBER 5b. GRANT NUMBER Espionage Against the United States by American Citizens 1947-2001 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT NUMBER Katherine L. Herbig, Ph.D. Martin F. Wiskoff, Ph.D. 5e. TASK NUMBER 5f. WORK UNIT NUMBER 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8.
    [Show full text]
  • Hacks, Leaks and Disruptions | Russian Cyber Strategies
    CHAILLOT PAPER Nº 148 — October 2018 Hacks, leaks and disruptions Russian cyber strategies EDITED BY Nicu Popescu and Stanislav Secrieru WITH CONTRIBUTIONS FROM Siim Alatalu, Irina Borogan, Elena Chernenko, Sven Herpig, Oscar Jonsson, Xymena Kurowska, Jarno Limnell, Patryk Pawlak, Piret Pernik, Thomas Reinhold, Anatoly Reshetnikov, Andrei Soldatov and Jean-Baptiste Jeangène Vilmer Chaillot Papers HACKS, LEAKS AND DISRUPTIONS RUSSIAN CYBER STRATEGIES Edited by Nicu Popescu and Stanislav Secrieru CHAILLOT PAPERS October 2018 148 Disclaimer The views expressed in this Chaillot Paper are solely those of the authors and do not necessarily reflect the views of the Institute or of the European Union. European Union Institute for Security Studies Paris Director: Gustav Lindstrom © EU Institute for Security Studies, 2018. Reproduction is authorised, provided prior permission is sought from the Institute and the source is acknowledged, save where otherwise stated. Contents Executive summary 5 Introduction: Russia’s cyber prowess – where, how and what for? 9 Nicu Popescu and Stanislav Secrieru Russia’s cyber posture Russia’s approach to cyber: the best defence is a good offence 15 1 Andrei Soldatov and Irina Borogan Russia’s trolling complex at home and abroad 25 2 Xymena Kurowska and Anatoly Reshetnikov Spotting the bear: credible attribution and Russian 3 operations in cyberspace 33 Sven Herpig and Thomas Reinhold Russia’s cyber diplomacy 43 4 Elena Chernenko Case studies of Russian cyberattacks The early days of cyberattacks: 5 the cases of Estonia,
    [Show full text]
  • Open Source Intelligence and Osint Applications
    Sanna Tuominen OPEN SOURCE INTELLIGENCE AND OSINT APPLICATIONS OPEN SOURCE INTELLIGENCE AND OSINT APPLICATIONS Sanna Tuominen Bachelor’s Thesis Spring 2019 Information Technology Oulu University of Applied Sciences ABSTRACT Oulu University of Applied Sciences Degree Programme in Information Technology, Option of Intelligent Systems Author: Sanna Tuominen Title of the bachelor’s thesis: Open Source Intelligence and OSINT Applications Supervisor: Eino Niemi Term and year of completion: Spring 2019 Number of pages: 55 + 3 appendices Emerge of the Internet as a global platform for sharing and exchanging information world-wide has increased exponentially the amount of publicly available data. Open source intelligence [OSINT] aims at addressing specific intelligence requirements utilising this data. Open source intelligence is traditionally associated with military intelligence, yet users of OSINT today are ranging from governments to businesses and regular citizens. The objective of this thesis was to study what open source intelligence is and demonstrate the use of selected OSINT tools. In the theory sections, this thesis considered the current state of OSINT and evaluated its future. The popularity of OSINT is increasing, and the usage of OSINT is expanding into new arenas. The main challenge with OSINT is the trouble of finding the meaningful bits from massive data amounts. Hence, this thesis introduced and demonstrated three OSINT solutions displaying the nature and the differing attributes of the selected OSINT solutions. The study of the solutions was conducted as a demonstration assessment, where the use and the results of selected OSINT solutions were recorded and observed. The thesis findings show that the range of OSINT solutions is wide and scattered.
    [Show full text]
  • 1 United States District Court for the District Of
    Case 1:17-cv-02697-CKK Document 26 Filed 05/30/18 Page 1 of 55 UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLUMBIA KASPERSKY LAB, INC., et al., Plaintiffs v. Civil Action No. 17-2697 (CKK) UNITED STATES DEPARTMENT OF HOMELAND SECURITY, et al., Defendants KASPERSKY LAB, INC., et al., Plaintiffs v. Civil Action No. 18-325 (CKK) UNITED STATES OF AMERICA, Defendant MEMORANDUM OPINION (May 30, 2018) The United States government’s networks and computer systems are extremely important strategic national assets. Threats to these systems are constantly expanding and evolving. Their security depends on the government’s ability to act swiftly against perceived threats and to take preventive action to minimize vulnerabilities. These defensive actions may very well have adverse consequences for some third-parties. But that does not make them unconstitutional. Plaintiffs in the two lawsuits discussed in this Opinion represent Kaspersky Lab, a large multinational cybersecurity company headquartered in Russia. At least until 2017, Kaspersky Lab’s cybersecurity products were used to defend the networks and computer systems of a number of United States federal government agencies. Amid growing concerns in early 2017 about malicious Russian cyber activity against the United States, government officials and members of Congress began asking questions, and voicing concerns, about the presence of these products on government systems. These concerns were based on the risk that the use of 1 Case 1:17-cv-02697-CKK Document 26 Filed 05/30/18 Page 2 of 55 Kaspersky Lab products to defend United States government computer systems could be exploited by Russia, either with or without Kaspersky Lab’s consent, cooperation, or knowledge.
    [Show full text]
  • Market Intelligence Surveillance Market Intelligence, Surveillance
    Market Intelligence, Surveillance Systems and Techniques to Detect and Deter Securities Market Fraud Ester Saverson, Jr., Assistant Director Office of International Affairs U.S. Securities and Exchange Commission* *The U.S. Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private publication or presentation of its staff. The views expressed herein are those of the authors and do not necessarily reflect the views of the Commission, individual commissioners, or the author’s colleagues on the staff of the Commission. Three Major Types of Market Fraud Trade Based Market Manipulation – Pre-arranged Trades • Washed Trades • MthdTMatched Tra des – Marking (pegging and capping) the Close – Short Squeeze – Controlling the Supply of a Security AtiAction B ased dM Mark ktMet Man ipu ltilation – Misrepresentation or False Statement IfInformat ion B ased dMk Market Man ipu lat ion – Insider Trading – Front Running Why is Market Fra ud Bad? Fraud affects the integrity of the market – Drive pppeople out of market – Keep capital on the sidelines MiltidittthidManipulation distorts the independ dtent trading and pricing mechanism – Raises the cost of capital – Lowers cost of securities Securities regulation is intended to ensure tha t mar ke ts are fa ir, effi ci ent and transparent Areas of Concern TdiTrading at or near th hCle Close Spikes in volume or price Block Trading Offerings Redemptions Program Trading Short Sales Mergers and Acquisitions Spikes Before a material announcement Key Elements
    [Show full text]
  • BIS Quarterly Review September 2007 International Banking and Financial Market Developments
    BIS Quarterly Review September 2007 International banking and financial market developments BIS Quarterly Review Monetary and Economic Department Editorial Committee: Claudio Borio Frank Packer Paul Van den Bergh Már Gudmundsson Eli Remolona William White Robert McCauley Philip Turner General queries concerning this commentary should be addressed to Frank Packer (tel +41 61 280 8449, e-mail: [email protected]), queries concerning specific parts to the authors, whose details appear at the head of each section, and queries concerning the statistics to Philippe Mesny (tel +41 61 280 8425, e-mail: [email protected]). Requests for copies of publications, or for additions/changes to the mailing list, should be sent to: Bank for International Settlements Press & Communications CH-4002 Basel, Switzerland E-mail: [email protected] Fax: +41 61 280 9100 and +41 61 280 8100 This publication is available on the BIS website (www.bis.org). © Bank for International Settlements 2007. All rights reserved. Brief excerpts may be reproduced or translated provided the source is cited. ISSN 1683-0121 (print) ISSN 1683-013X (online) BIS Quarterly Review September 2007 International banking and financial market developments Overview : credit retrenchment triggers liquidity squeeze.................................... 1 Credit markets sell off as mortgage exposures are reassessed ............. 2 Box: Liquidity risk and ABCP mechanics ............................................ 7 Bond yields plunge as investors flee risky assets .................................
    [Show full text]