The London Stock Exchange has been working with British security services to investigate cyber attacks against it, that may have led to the postponement of a transfer to a new trading technology platform until February 14, according to a report in the Times of London.
Security officials in the United States also are investigating a cyber-attack on an American exchange, that the Times did not name. That attack was traced to Russia. "Unusual" trading patterns at New York and Chicago platforms also are under scrutiny, the news publisher said.
U.S. exchanges did not immediately comment on the Times report.
Possibly hacked was the London Stock Exchange’s new open source trading system, according to Computerworld UK.
This is a technology platform based on the Linux operating system and produced by Millenium IT, a company based in Sri Lanka that the LSE purchased.
The LSE has set February 14 as the new date to migrate its equities market to the new Millennium Exchange platform. In November, it blamed “human error” for a glitch in November.
The LSE initially planned to moved from the .Net-based Tradelect to the Millennium Exchange supplied by Sri Lanka-based Millennium IT on November 1, 2010. That timetable would have followed the migration of Turquoise, the LSE’s multilateral trading facility from another platform on October 4. Turquoise had been using a system supplied by Cinnober.
The LSE then decided to delay the move for its equities market by two weeks and during the first week using the Millennium Exchange platform, Turquoise experienced a network glitch which delayed opening of trading on October 5 by about two hours.
On November 2, Turquoise experienced yet more problems when customers were disconnected under so-called “suspicious circumstances.” At that time the LSE said that the migration of its main market would then be delayed until 2011 while it investigated the matter further.
The exchange has said its internal investigation into last November's trading disruption on Turquoise has been concluded. “The investigation found the incident was the result of human error and the incident has now been closed,” said the LSE in a statement.
Unlike US exchanges, the LSE platform is not based on the internet, and therefore is less vulnerable to general cyber attacks, Computerworld UK said. However, cyber attacks on exchanges are becoming more advanced, according to security experts, and this poses new threats.
The LSE declined to comment on the events, ongoing investigations or possible motives for any attacks, the publication said.
The new Linux system, based in a C++ environment, is already live on the LSE’s Turquoise dark pool.
Dress rehearsals for the LSE's switchover are planned for the next two weekends.