If you had the skills to be hacker how would you use them? Wreak havoc by infiltrating your friends social media accounts, maybe hitch a ride on your neighbour’s Wi-Fi or hack into the works printer to see what your manager is saying about you in your annual review?
Possibly. Or, you could do what three Chinese hackers did and make a couple of million quid from insider trading by hacking into the emails of New York law firms and using confidential info to buy shares.*
It ultimately cost them more in penalties than the profits they made, although the £7million they must pay has yet to be collected.
So, what’s the story?
Three hackers, Iat Hong, Bo Zheng, and Hung Chin downloaded countless emails from two New York law firms rooting out information on mergers and acquisitions. They then bought shares in the companies before the mergers were announced, pocketing a nice profit when the shares inevitably jumped in value.
How did they get caught?
Their problem was they weren’t exactly flying under the radar. In one month alone they spent $7.5million on stocks. The unusual trading patterns inevitably caught the attention of the U.S. Securities and Exchange Commission.
These are the big boys. They basically police the markets and, as anyone who has watched Suits knows, you don’t mess with the SEC. Unless you are Harvey Specter of course.
In a press release the SEC revealed how they snared the hackers. Stephanie Avakian, Acting Director of the SEC’s Enforcement Division, said: “We used enhanced trading surveillance and analysis capabilities that we developed over the last few years to identify the broad scope of the defendants’ alleged scheme, including the use of both U.S. and offshore accounts to carry it out.
“This action demonstrates our commitment and effectiveness in rooting out cyber-driven schemes no matter how sophisticated.”
What happened next?
Naturally enough the hackers were hauled into court. Well, not exactly.
Yes, they were prosecuted in court but, unsurprisingly, the hackers didn’t bother turning up. In their absence judgement was entered against them and they were hit with the maximum financial penalties allowed under the law.
You can read the judgement here. I particularly enjoyed the last page which asked the guilty trio to send payment by wire, check (cheque) or postal order. I’m only surprised there wasn’t a Paypal link in there as well.
What was the punishment?
The judgement against the hackers amounted to millions of dollars in penalties and they must also return all their profits. In addition, any assets the trio have in the United States were frozen and the mother of one of the hackers was also ordered to hand over $900,000 she held for her son.
Hong, Zheng, and Chin still face other charges and could be sent to prison. Or they could be if they ever enter the United States.
The hackers are still in China and it is unclear whether they are being detained by the Chinese authorities. The likelihood is not and extradition could be a long and drawn out process with no guarantee the hackers will ever be arrested and sent to the States. There is even less chance of recovering any of the money.
*No, this is not a recommendation. Don’t do this at home kids.