By Ted Chen / Staff reporter

The Taiwan Stock Exchange yesterday said a spike of cyberattacks against local securities and futures brokerages that began last week seemed to be random, as ransom demands did not correlate with the scale of the firms attacked.

While the perpetrators’ intentions remain unknown, brokerages have unanimously pledged to not give in to ransom demands, as payments would only be used to fund further attacks, Taiwan Stock Exchange senior executive vice president Huang Nai-kuan (黃乃寬) said at a news conference in Taipei.

Since last week, more than 10 brokerages have received e-mails demanding a ransom and many have sustained distributed denial-of-service attacks that slowed access to Web sites and services.

“Our investigations shows that the attacks originated from compromised IP addresses in Vietnam, but that does not necessarily mean that the perpetrators are Vietnamese,” Huang said.

In denial-of-service attacks, hackers take control of a large number of computers and use the compromised “zombies” to make superfluous requests to the target’s Web site with the aim of disrupting services by exhausting bandwidth.

Huang said that brokerages’ vulnerability to the attacks has little to do with their individual information technology capabilities, as they must rely on their telecom for an effective defense.

“The most effective countermeasures are Internet traffic cleaning and screening services that can be obtained from telecoms at prices beginning at about NT$20,000 to NT$30,000 [US$644.21 to US$966.31] a month,” Huang said. “For brokerages, it is not a simple matter of installing firewalls.”

Huang said brokerages would need to establish routine mitigation contracts with their Internet service providers as defenses would need to be raised before attacks occur.

The Taiwan Securities Association (券商公會) does not anticipate damage claims from investors resulting from the attacks, as brokerages offer multiple methods to place orders.