Aussie 'hacker' jailed for unauthorised access and insider trading

The IT consultant has been sentenced to three years in prison.

An Australian IT consultant has on Tuesday been sentenced to three years imprisonment after pleading guilty to a total of 11 charges for insider trading, unauthorised access to data with the intention to commit a serious offence, and the alteration of electronic devices required by the Australian Securities and Investments Commission (ASIC).

According to a statement from ASIC, Steven Oakes hacked into the private computer network of Melbourne-based financial publisher Port Phillip Publishing (PPP) between January 2012 and February 2016.

Oakes accessed PPP's secure Wi-Fi network and used "hacking software" to intercept and decrypt Wi-Fi data to obtain the network login credentials of PPP staff. He did this with the intention of using PPP's information to engage in insider trading, ASIC explained.

The inside information was to buy recommendations for shares in particular ASX-listed companies from unpublished PPP stock recommendation reports.

"The publication of a buy recommendation by PPP for a particular company typically caused an increase in that company's share price," ASIC said.

Oakes used this information on 70 occasions to buy shares in 52 different companies, before the reports with the buy recommendations were published.

ASIC also said he made profits from selling the shares soon after the publication of the reports.

ASIC in May last year charged Oakes with 115 offences of unauthorised access to data held in a computer, insider trading, and destroying or concealing books required by the regulator.

Oakes was charged with 43 serious computer offences under s477.1(1) of the Criminal Code (Cth) for unauthorised access to data held in a computer with the intention to commit a serious offence, namely insider trading; 70 insider trading offences under s1043A(1) of the Corporations Act 2001 (Cth); and 2 offences under s67(1) of the Australian Securities and Commission Act 2001 (Cth) for conduct that resulted in the concealment, destruction, mutilation, or alteration of books required by ASIC.

See also: 10 enterprise network mistakes that open the door to hackers (TechRepublic)

Oakes was sentenced in the Melbourne County Court which ordered that he be released after serving 18 months of the term of imprisonment, on his own recognisance to be of good behaviour for 18 months.

The Commonwealth Director of Public Prosecutions prosecuted the matter.

In sentencing Oakes, Judge Fox said Oakes was "motivated by greed", that "insider trading is a form of cheating", and "it is not a victimless crime".

"If you access a secure computer network to commit a crime, you should expect to go to jail," ASIC quoted her as also saying.

"Technology-enabled offending, including cyber-related market misconduct, has been a priority for ASIC's Enforcement teams," ASIC Commissioner Cathie Armour said on Tuesday.

"Despite the sophistication of cyber criminals, ASIC can identify and investigate suspicious market activity connected to computer hacking activities, as it did in the case against Mr Oakes. Traders should be aware that ASIC continues to focus on cyber-related offending."

ASIC also said it uses "specialist markets surveillance technologies" for its supervision of markets, involving the analysis of large volumes of trading data, and real-time surveillance. These technologies enable ASIC to detect, understand, and respond to misconduct such as insider trading, it said.

RELATED COVERAGE