This is a top-read story from the SecureWorld News archives.
When I was a cub reporter at KHQ-TV, those of us in the news business truly were the first to know: breaking news was coming in across the AP wire, and video was coming in from live trucks around the country.
We saw things, every day, before the rest of the world did.
Those times are long gone. Now newsrooms learn about things from live streams, tweets, and posts that bounce around the world in seconds.
One of the key exceptions: earnings releases and other material facts about companies. These are still tightly controlled and timed to guard against insider trading.
Criminal hackers see opportunity
And that's where former hedge fund manager Vitaly Korchevsky and securities trader Vladislav Khalupsky saw opportunity.
They worked with a gang of criminal hackers who allowed them to see the future, and that, it turns out, is highly profitable.
The criminal group made $30,000,000 over five years.
A jury convicted both men in 2018, of crimes that could put them in jail for two decades.
Hacking the future: how the scheme worked
According to the U.S. Attorney's office in New York, computer hackers based in the Ukraine gained unauthorized access into the computer networks of Marketwired, PR Newswire, and Business Wire, through a series of sophisticated cyber attacks.
"At one point, one of the hackers sent an online chat message in Russian to another individual stating, 'hacking prnewswire.com.' The hackers moved through the computer networks and stole press releases about upcoming announcements by public companies concerning earnings, revenues and other material non-public information."
Over the course of the scheme, the hackers stole more than 100,000 press releases. They were the first to know what businesses would announce in a few hours or the next day.
And they shared this information via overseas computer servers controlled by the hackers or through secure email accounts.
Korchevsky and Khalupsky would then go to work with these secrets, trading stocks on the stolen information before the rest of the world knew what that information would be.
In other words, the men placed their bets because they already knew who was going to win. They were.
Were your company's earnings accessed?
The U.S. Attorney's office says stolen press releases contained material nonpublic information about hundreds of publicly traded companies (maybe yours), and it named a few of the most recognizable:
- Align Technology Inc. (makers of Invisalign)
- CA Technologies
- Caterpillar Inc.
- Home Depot
- Panera Bread Co.
- Verisign Inc.
Criminal network tries to cover its tracks
According to the the U.S. Attorney's Office, the criminal hacking and trading gang tried to hide and destroy evidence while it was making millions.
"The conspirators used separate phones, computers and hotspots to conduct their illegal trading activity, and routinely deleted emails and/or destroyed hardware that contained evidence of their crimes."
Where did the profits go? They were carefully transferred to offshore shell accounts.
But five years and $30 million in profits later, a collaborating group of U.S. law enforcement agencies arrested Korchevsky and Khalupsky.
Now that a jury has found them guilty, they are awaiting sentencing.
"This case represents the core of the U.S. Secret Service's commitment and strategy to aggressively pursue cyber-enabled financial criminal enterprises through our proven task force model of global partnerships," says United States Secret Service Deputy Assistant Director Michael Breslin.
Prosecuting crimes like these is also why the U.K. just announced the establishment of a flagship cyber court.
Knowing things before anyone else
As I flashback to my days in the TV newsroom, I know why we were excited to have inside information on breaking news. Because as journalists, we would get to share it with the world.
Now it's Vitaly Korchevsky and Vladislav Khalupsky who may get to share something. Not the secrets they stole, but instead, time together in prison.
Gain visibility into the new year by joining your peers at a SecureWorld cybersecurity conference.