News began to spread last month about an extraordinary cyber attack on a large hedge fund that struck at the firm’s high-speed trading apparatus. The assault appeared to take the hacking of financial firms to a whole new level.
According to an executive at BAE Systems, the firm was hired to help the hedge fund respond to the attack. He said that in late 2013 hackers used a tactic called “spear phishing” to trick hedge fund employees into opening e-mails that secretly installed malware on the hedge fund’s servers. Soon thereafter, the BAE executive said, the hedge fund began to realize that its high-speed trading strategy was no longer effective, due to unexplained lags in the time between when they issued trade orders and the execution of those orders.
