No one ever wants to read press releases, not even journalists, and especially not when the documents are dense corporate financial updates trying to make things sound rosy to investors no matter what. You can imagine, though, that these perfunctory releases might take on a whole other significance and value to someone interested in, say, insider trading.
A series of both criminal and civil cases have been going on for months now to expose and potentially punish hackers and traders who used unpublished press releases to inform their trading and make big money. Between 2010 and 2015 a group of Ukrainian hackers infiltrated three newswire services—industry mainstays Business Wire, Marketwired and PR Newswire—and shared thousands of embargoed corporate news releases over time with a group of traders. And last week, one day trader, Leonid Momotok, 48, of Suwanee, Georgia joined four other defendants in pleading guilty to conspiracy and fraud charges related to using the hacked information. Momotok will face up to 20 years in prison for conspiracy to commit wire fraud.
Hacking press release databases doesn’t sound like a very glamorous scheme, but it speaks to a larger problem: as criminals exhaust low hanging fruit, they begin thinking more creatively about how seemingly banal systems and infrastructure, like a company interacting with a press release service, can potentially yield valuable data. In cybersecurity an important concept of defense is the idea of reducing a system’s “attack surface.” The more third parties, contractors, consultants, etc. an institution (or individual) interfaces with, the bigger the attack surface for potentially accessing sensitive data.
Robert Capers, US Attorney for the Eastern District of New York, said in a statement about Tuesday’s guilty plea that, “Momotok and his group of traders engaged in a brazen scheme that was unprecedented in its scope, impact and sophistication.”
According to the charges filed, Momotok and his codefendants allegedly helped …