Six Group, a technology firm responsible for securing the operations of Spanish and Swiss Bourses, is actively recruiting hackers to counter sophisticated attempts to breach its network. The motivation behind hiring these cybersecurity experts is to gain insights into the strategies employed by other cybercriminals engaged in fraudulently accessing IT assets.
Taking a cue from law enforcement practices in Switzerland and the United States, where authorities often seek expertise from incarcerated criminals, the leaders of the Spanish and Swiss stock exchange networks are adopting a similar approach. By enlisting the help of individuals with hacking skills, they aim to better understand the mindset of cyber threat actors and enhance their defenses against intelligent attacks.
Jos Dijsselhof, the Dutch Chief Executive of the Swiss bourses, confirmed the initiative, emphasizing that all actions are geared towards ensuring the welfare of their customers. Proactively preparing for potential cyber assaults is seen as a crucial step in thwarting attacks that could result in significant financial losses for customers.
The wake-up call came when the Chinese ICBC bank redirected its business trades to the US Security Exchange using a USB stick, prompting CEOs and CTOs of other banks and financial institutions to reassess their cybersecurity measures. In response, Six Group engaged a team of hackers from an online marketplace to prevent unauthorized access to its network, identify and contain infected areas, and develop strategies for recovering functions, data, and applications in the event of an incident.
Recognizing the value of secure trading data and processing, Six Group understands that a scientific understanding of how hackers think is essential. This knowledge sharing among co-hackers aids the company in defending against social engineering attacks, where cybercriminals target personal data for corporate espionage.
The involvement of adversary nations adds complexity, as they consistently target federal companies and organizations. Disrupting these entities can have significant economic and political repercussions on the entire nation. The recent MoveIT cyber attack, resulting from the exploitation of a vulnerability by criminals, had a lasting impact on the Biden administration, highlighting the need for companies to anticipate potential infiltration methods and take necessary measures to minimize downtime and losses.