Now there is a new reason to try and hack in to corporate web sites – drug information. Not the illegal kind of drugs, but those that are produced by major corporations who create lifesaving drugs. Have the bad guys turned over a new leaf and are now in the business of doing good? No. Actually, the information is being hacked for profit of a different kind – investing in the stock market.
The hackers are going after information that will give them an edge in knowing what companies have the most in-demand products. Having this insider information will allow them to invest in the stocks that show the greatest promise of making a profit. One interesting angle to this is that the identity of the hackers is unknown. What is meant by “unknown” is that no specific group of country can be connected to the hacking attempts.
This is a bit of a problem, not only to stop the hacking but to figure out who stands to profit from the information. Wall Street has been under a cloud of suspicion for decades, so investment companies are on the hacking map. Foreign governments and investors are also likely culprits.
What is unique about this problem is that if the information were sold, it would dilute the profit of the seller. Not only is the stolen information perishable, it has the limitation of having to be kept secret. Stealing secrets secretly and keeping them secret sounds like a lot of trouble to go through for a stock market profit.
From this it can be implied that whoever is doing the hacking needs to be able to make a significant amount of money, and so have a significant amount of money to start with, to realize a significant profit. This fact omits most investors, who do not have billions to spend, and those who would have to explain how they managed to turn a significant profit without insider information.
The end of this trail is that the list of possible hackers is very narrow. But because there is no clue as to exactly what group is involved in the hacking, the purpose of the hack is difficult to ascertain. Going after current R&D information on drugs that have not yet hit the market and are in development is not a short-term goal. Getting government approval from the FDA to market drugs can be a long process that can take years. If whoever is doing the hacking has anything less than a long term plan it likely will fail. Furthermore, the hack must be continuous because of the information obtained changes – say, due to regulatory requirements – the value of the original information is diminished considerably.
It seems the more common forms of hacking are being thwarted at a variety of levels, so the focus has changed to profiting from information through more socially acceptable channels. Time will reveal who the new breed of hackers are and the steps that are needed to protect one more level of corporate data.