How to Hack the Stock Market
Over the past few decades, the financial markets have undergone a rapid transformation via two major technological advancements: the computer and electronic networks.
What's most interesting about this, however, is that along with the continual adoption of newer and faster technologies, some of the malicious and illegal tactics of hacking have also been applied in the daily business of trading.
For example, consider the very common hacking method called a denial of service (DoS) attack. Here's a bit of DoS attack 101 right off the United States Computer Emergency Readiness Team's website in case you're unfamiliar with it:
What is a denial-of-service (DoS) attack?
In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer.
The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a "denial of service" because you can't access that site.
Recently, high frequency trader turned whistleblower Dave Lauer explained to CNN Money that the widely used HFT practice known as "quote stuffing" is the financial equivalent of a DoS attack on the stock market.
Quote stuffing, he explains, "exploits a quality of the feeds that send data out of the exchanges. These feeds are broken up by alphabet so you have, for example, A to C in one channel, and you can flood one of the symbols in that channel and slow down everybody who’s listening to that feed, and then pick off people in another symbol within that same channel. I think it’s better called a denial of service attack, much like hackers do, but they call it 'quote stuffing.'"
Of course, hacking and DoS attacks are illegal on the web but, so far, the practice of quote stuffing still goes on. Scott Patterson, writing for the Wall Street Journal, recently pointed out, however, that the "Financial Industry Regulatory Authority [FINRA] is conducting a probe of high-speed firms' trading algorithms" and also looking into "what type of risk controls are built into algorithms designed to prevent 'quote stuffing and quote bursts.'"
Again, why does this matter? Well, for one, it clearly distorts the market and gives an unfair trading advantage to certain players at the expense of others. When asked further about the distortions caused by quote stuffing, Dave cites a study showing that stocks will move in unison simply due to their alphabetical listing within a channel. As he explains, "You would expect to see co-movement within an industry or symbols that are exposed to the same macro-economic factors, but the fact that things are moving together based on their alphabetical listing makes no sense. The only explanation is nefarious activity."