Suspect arrested over Hong Kong Stock Exchange web attacks

Less than two weeks ago, web services at the Hong Kong Stock Exchange (HKEx) were hit by Distributed Denial of Service (DDoS) attacks for two days in a row.

Although the bourse’s CEO, Charles Li, said no trading or financial systems were breached in the attacks, trading was affected for several hours.

Backup plans were made for HKEx to publish important company results the old-fashioned way – in local newspapers – to reduce the market’s reliance on HKEx’s web presence.

Reports at the time of the DDoSes suggested that a botnet had been used, since the attacks originated from a wide range of sources around the world.

This makes botnets harder to stop, since there is no easily-recognisable starting point or pattern to the malicious traffic. It also makes botnet operators harder to track down, for precisely the same reason.

Nevertheless, a man was recently arrested in Hong Kong in connection with the attack. Details are still sketchy: his name has not been released, and the nature of the charges and evidence against him is not yet known.

All that has appeared in the media so far is that the suspect is allegedly a 29-year-old businessman, and was arrested in Kwun Tong, a largely industrial area in the east of Kowloon.