Can CIA Agent Jack Ryan Stop The Next Rogue Stock Market Algorithm?


We have always been fans of those Harrison Ford movies adapted from the Tom Clancy novels where he plays CIA agent Jack Ryan.  There is a new version of the series just out called “Jack Ryan: Shadow Recruit”.  This time Jack Ryan is a young CIA financial analyst that discovers a Russian plot to crash the US stock market by sending in waves of sell orders at the same time as a planned terrorist attack.  Jack is sent to Moscow to find out exactly how the Russians plan to crash the market and specifically looks for “dark pool algorithms”.

While the movie doesn’t live up to previous Jack Ryan movies, it was interesting to see the Hollywood screenwriters getting involved in equity market structure issues.

Good thing it was just a movie.  Crashing a market with a rogue algorithm could never happen in real life, right?

Well, CNBC’s Eamon Javers just reported that a hacking incident targeting a high frequency trading firm was recently uncovered:

“In an audacious and sophisticated attack, cybercriminals acting in late 2013 and sending information installed a malicious computer program on the servers of a large hedge fund, crippling its high-speed trading strategy about its trades to unknown offsite computers…attackers went after the hedge fund’s trade order entry system, seeking to disrupt the fund’s trading strategy and to send details of the trades themselves outside the firm.”

 “At first, the firm noticed that its algorithmic trading strategy—a computer-based trading system that depended on high-speed trades—had suddenly become ineffective. Upon investigation, the traders discovered an unexpected lag time between when they were issuing trade orders and when those orders were executed. The delays the attackers added to the trading software ranged from hundreds of microseconds to the low-single-digit milliseconds. BAE’s analysts concluded the attackers were trying to create tiny delays in the hundreds of microsecond range.”

“Over subsequent weeks, the team found that the malware had been programmed to insert a random lag into the firm’s order entry system of just a few milliseconds. The malware also recorded the details of those orders.”

This case brings up the issue of systemic risk.  If a high frequency trading firm’s orders could be slowed down by a hacker, what other intrusions are they susceptible to?  Could a hacker take control of an algorithm and change the quantities or prices?  Imagine the damage that could happen if a stat arb algo, which was trying to trade SPY vs. the underlying stocks, all of the sudden added a few zero’s to the quantity of the individual stock orders?  As profit margins continue to shrink in the high frequency trading world, the level of risk may increase as some firms seek to offset their shrinking margins.  Are these HFT firms properly policing their own systems? Who is checking to make sure that the proper risk controls are put in place at these proprietary trading shops?

The hedge fund that was targeted hired an outside firm, BAE Systems Applied Intelligence, to stop the attack.  A senior BAE director had this to say about the attack:

Henninger said such business-savvy financial attacks can represent “the perfect crime,” because they are extremely difficult to trace to obscure locations around the globe, and because companies can be reluctant to go to law enforcement. “It often takes a while for firms to get comfortable with the idea of exposing what is in effect their dirty laundry to a law enforcement investigation,” Henninger said. “You can imagine the impact potentially on investor confidence.”