London Stock Exchange denies cyberattack as cause of 2019 outage

6 Jan 2020

Image: © Victor Moussa/Stock.adobe.com

The Wall Street Journal reported that a British intelligence agency had been in touch with the London Stock Exchange regarding an outage in August 2019.

On Sunday (5 January), The Wall Street Journal reported that UK government agencies were examining whether a trading outage at the London Stock Exchange in August 2019 was caused by a cyberattack rather than a software issue, as was previously reported.

It was reported that a British intelligence agency had been in touch with the London Stock Exchange twice in the past two months, requesting additional information about the outage. The UK’s treasury was also reportedly involved in the probe.

At the time of the outage, which was the worst that the London Stock Exchange had experienced in eight years, the Guardian reported that a software glitch prevented investors from trading for more than an hour and a half.

The incident, which affected the FTSE 100 and the FTSE 250, occurred while internal systems were being updated. The Wall Street Journal has now suggested that this could have opened up systems for exploitation.

‘Not a cybersecurity incident’

In response to reports that there may have been a security incident relating to the August outage, a spokesperson for the London Stock Exchange told Yahoo Finance UK that it was a technical issue.

“The incident was caused by a technical software configuration issue following an upgrade of functionality and was not a cybersecurity incident,” they said.

Additionally, a spokesperson for the UK National Cyber Security Centre (NCSC) said: “The NCSC has not treated the LSE outage as a cybersecurity-related incident and has not investigated it as such.”

The NCSC was also reportedly in touch with the London Stock Exchange after the incident, as part of a routine check. The UK’s treasury did not respond to questions relating to an investigation.

Whether the incident was a cyberattack or not, the London Stock Exchange’s latest report highlighted that the risk of cyberattacks continues to grow, with the exchange saying that it will continue to “invest to ensure cyber resilience and compliance with regulations”.

Jake Moore from security company ESET told ZDNet: “When such a pivotal corporation is attacked, many third-party organisations can be affected in different magnitudes. Stock exchanges are naturally aware of this increased risk of attack and have higher levels of security in place for such attacks.

“However, if threat actors are persistent enough, they will continue to make attempts via a series of entry points, and there is only so much protection that can be in place.”

Kelly Earley was a journalist with Silicon Republic

editorial@siliconrepublic.com