UK government investigates possible cyberattack link to London Stock exchange outage

It was thought the incident was down to software issues. Now, officials are not so sure.
Written by Charlie Osborne, Contributing Writer

The UK government is reexamining the London Stock Exchange outage to ascertain whether or not a cyberattack, rather than a software glitch, was the cause. 

The LSE's outage occurred on August 16, 2019. A "software glitch" was blamed in which Friday early-morning traders were left unable to buy or sell shares for over an hour and a half. 

Both the FTSE 100 and FTSE 250 indexes were impacted. 

CNET: Wyze camera data leak: How to secure your account right now

At the time, LSE officials said "a technical software issue" was at the heart of the matter and did not offer any further details. 

It was not thought a cyberattack was to blame, but according to the Wall Street Journal, an investigation is underway which suggests the incident may not have simply been due to software problems. 

Sources familiar with the matter told the publication that the UK Government Communications Headquarters (GCHQ) wants to find out if the outage was due to hackers attempting to "disrupt markets," and in the past two months, the intelligence agency has contacted the exchange for additional information. 

The UK Treasury is also thought to be involved. 

According to the WSJ, at the time of the outage, internal systems were being updated. It is possible that as the upgrade was underway, this could have opened up systems for exploit and paved the way for a cyberattack to take place. 

An LSE spokesperson said a "technical software configuration issue following an upgrade of functionality" was the cause -- rather than a cyberattack -- and that the exchange has "thoroughly investigated the root cause of the issue" in a bid to prevent future trading disruption.

See also: New Year's Eve malware attack strikes Travelex, services still offline

The LSE Group said in its latest annual report (.PDF) that the risk of cyberattacks continues to grow, and as such, the exchange "continue[s] to invest to ensure cyber resilience and compliance with regulations."  

"In addition to complying with current cyber and data protection requirements, LSEG complies with significant data and cyber operational controls and standards required under regulations," the exchange added. "LSEG continues to monitor and engage with regulators and leading industry working groups on the development of regulatory frameworks and appropriate harmonization of standards across jurisdictions."

As we saw in the recent Travelex security incident, in which services offered by third-party companies including Tesco Bank and HSBC were pulled offline at the same time as the main Travelex currency purchase service following a malware infection, the knock-on effect of a potential cyberattack on the LSE could be massive for businesses and investors trading on the platform. 

TechRepublic: Alert overload is burning out security analysts

Speaking to ZDNet, cybersecurity expert Jake Moore from ESET said:

"When such a pivotal corporation is attacked, many third party organizations can be affected in different magnitudes. Stock exchanges are naturally aware of this increased risk of attack and have higher levels of security in place for such attacks. However, if threat actors are persistent enough, they will continue to make attempts via a series of entry points, and there is only so much protection that can be in place."

10 worst hacks and data breaches of 2019 (in pictures)

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards