Hackers Could Game Wall Street With Network Latency

Even a few extra milliseconds would give an attacker enough time to execute trades ahead of the competition, warns a security researcher.

(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010
How important is latency in high-speed trading networks? In fact, a difference of just microseconds could give someone the ability to game Wall Street, according to Rony Kay, president and CTO of packet inspection technology vendor cPacket Networks.
A few extra milliseconds, or even a few extra microseconds or less, can enable trades to execute ahead of the competition, thereby increasing profits, he said, writing in a
report
on network latency issues.
A few milliseconds and microseconds are far beyond the latency requirements of most other applications today, such as videoconferencing, online gaming, cloud computing, or voice over IP (VoIP). For example, one-way latency for VoIP telephony should generally not exceed 150 milliseconds (0.15 seconds) to enable good conversation quality. Interactive games typically require latencies between 100 and 1000 milliseconds depending on the game genre.
But Kay said that a 2008 report from the Tabb Group found that if a brokers electronic trading platform is 5 milliseconds behind the competition, it could lose at least 1% of its flow; thats $4 million in revenues per millisecond.
To address this risk, Kay recommends that brokers beware placing trading platforms too far away from exchanges. The emerging reality of automatic algorithmic trading, coupled with the laws of physics, imply that an automatic trading platform in San Francisco might not be competitive for trades in New York Exchanges. Numerous factors can slow packets, he found, including the speed of light, packet size -- large packets travel more slowly, especially to closer destinations -- as well as network jitter.
Kay also recommends monitoring trading networks in real time. To avoid business disruptions and inferior trading results, continuous real-time measurement should identify trends, detect outliers, and enable quick remediation of excessive latency and jitter, he said.
But how real is this threat? Certainly micro-traders pay attention to latency, and sometimes even place their computers physically close to exchanges so they can reduce latency. And while it would be illegal to deliberately manipulate someone elses trades, it is probably okay to place a gazillion trades at the same time which -- as a side effect -- increases latency for everyone else, said Bruce Schneier, chief security technology officer of BT, in a
blog post
.
My guess is that this isnt a movie-plot threat, and that traders are trying lots of things along this line to give them a small advantage over everyone else, he said.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Hackers Could Game Wall Street With Network Latency