We're living in the age of the hacker

Hack or be hacked.

Never in the history of written communication could 140 characters have the impact that they can have now

Two weeks ago, after gaining access to the Associated Press’s main Twitter account (@AP), the Syrian Electronic Army (SEA) posted a fake tweet reporting two explosions in the White House and the injury of President Barack Obama. Within seconds, US financial markets dropped by about 1%.

Minutes later, Twitter was abuzz with refutations. Reporters at the White House tweeted that they felt no explosion, and AP reporters and the AP Politics Twitter account announced that @AP had been hacked. At his afternoon briefing, White House press secretary Jay Carney confirmed that Obama was indeed unharmed. Financial markets returned to their pre-hoax level.

The @AP Twitter hoax represents systemic risk that cannot be eliminated, for it arises from the interaction of highly integrated financial markets and increasingly democratized news delivery. Given strong incentives for malicious parties to perpetrate such hoaxes, we should expect to see an increase in incidents.

Financial markets are vulnerable to manipulation, because they are not in the business of evaluating the truth. Trading often favours first movers, so being fast but wrong can still be profitable.

Imagine that a sophisticated trading firm has invested significant resources to develop an algorithm that quickly evaluates the potential market impact of news, and then automatically sends orders to trade based on that predicted impact. When that algorithm parses a tweet from the AP containing important keywords (explosion, White House, and Obama), it will send orders to sell with the expectation that the market will drop as others – first, slower algorithms, then even slower humans – start to process the same news.

The first mover is happy to make such trades without verifying that the news is true. If it is true, the market will stay down or continue dropping, and the first mover will profit from the sales that it has made. If the story is a hoax, the market will probably return to its earlier, fairly valued level, and the first mover will break even on its sales, and possibly profit from any position purchased as a hedge when the market was down. The first mover’s algorithm worked, regardless of the story’s veracity.

The likely losers in the @AP Twitter hoax were later movers who did not react quickly to the news, but reacted instead to the market’s movement.

These late movers were also likely to have been sophisticated electronic or institutional traders; some were probably using arbitrage-based strategies that relied on the futures market for a calculation of the fair price.

The market’s vulnerability to hoax stories is thus difficult to eliminate, for it is inherent in its structure. It cannot be regulated away or fixed by technology or surveillance.

Even if markets moved more slowly, there would still be a first mover who responded before such a news story was revealed as a hoax. This dynamic is similar to that of an asset bubble, albeit faster. In a bubble, valuations are based on collectively evaluated evidence, and those who enter the market earliest often benefit. Whether evaluating an assumption about the rise of house prices or whether a news story is true, the market does not provide a definitive answer instantaneously.

If protecting against hoaxes is not the market’s purview, can news agencies or new media entities like Twitter prevent such deception? To be sure, they have suffered reputational damage from this fiasco and will likely try to improve. But their efforts will not be enough.

Twitter’s vulnerabilities were technically understood before this event, and the service was already moving toward a more sophisticated authentication model (a password paired with a one-time key from a text message or other device). Twitter will likely implement this soon. It should also consider adding an optional “two-key” system, in which an independent signoff from a separate account is required before a proposed tweet is broadcast. But, while such measures would increase the difficulty of hacking the system, no technological fix can make it impenetrable.

What about the AP’s vulnerabilities? Attackers launched a “phishing” attempt against the AP’s emails shortly before the hoax tweet was sent. Phishing attacks, in which an employee is duped into sending a password to a third party or clicking an untrusted link that installs malicious software, represent a hybrid of cultural and technological failures.

As attackers become more sophisticated, they send better-crafted emails, sometimes impersonating trusted sources that lure unwary users. Crafting a culture of security is difficult and often at odds with the dynamic and decentralised work environment of a fast-moving newsroom.

This story can be read in full at economia

Chris Clearfield is a principal at System Logic, an independent research and consulting firm that focuses on issues of risk and complexity. András Tilcsik is an assistant professor of strategic management at the Rotman School of Management at the University of Toronto.

Photograph: Getty Images

This is a news story from economia.

Getty
Show Hide image

Northern Ireland election results: a shift beneath the status quo

The power of the largest parties has been maintained, while newer parties running on nicher subjects with no connection to Northern Ireland’s traditional religious divide are rapidly rising.

After a long day of counting and tinkering with the region’s complex PR vote transfer sytem, Northern Irish election results are slowly starting to trickle in. Overall, the status quo of the largest parties has been maintained with Sinn Fein and the Democratic Unionist Party returning as the largest nationalist and unionist party respectively. However, beyond the immediate scope of the biggest parties, interesting changes are taking place. The two smaller nationalist and unionist parties appear to be losing support, while newer parties running on nicher subjects with no connection to Northern Ireland’s traditional religious divide are rapidly rising.

The most significant win of the night so far has been Gerry Carroll from People Before Profit who topped polls in the Republican heartland of West Belfast. Traditionally a Sinn Fein safe constituency and a former seat of party leader Gerry Adams, Carroll has won hearts at a local level after years of community work and anti-austerity activism. A second People Before Profit candidate Eamon McCann also holds a strong chance of winning a seat in Foyle. The hard-left party’s passionate defence of public services and anti-austerity politics have held sway with working class families in the Republican constituencies which both feature high unemployment levels and which are increasingly finding Republicanism’s focus on the constitutional question limiting in strained economic times.

The Green party is another smaller party which is slowly edging further into the mainstream. As one of the only pro-choice parties at Stormont which advocates for abortion to be legalised on a level with Great Britain’s 1967 Abortion Act, the party has found itself thrust into the spotlight in recent months following the prosecution of a number of women on abortion related offences.

The mixed-religion, cross-community Alliance party has experienced mixed results. Although it looks set to increase its result overall, one of the best known faces of the party, party leader David Ford, faces the real possibility of losing his seat in South Antrim following a poor performance as Justice Minister. Naomi Long, who sensationally beat First Minister Peter Robinson to take his East Belfast seat at the 2011 Westminster election before losing it again to a pan-unionist candidate, has been elected as Stormont MLA for the same constituency. Following her competent performance as MP and efforts to reach out to both Protestant and Catholic voters, she has been seen by many as a rising star in the party and could now represent a more appealing leader to Ford.

As these smaller parties slowly gain a foothold in Northern Ireland’s long-established and stagnant political landscape, it appears to be the smaller two nationalist and unionist parties which are losing out to them. The moderate nationalist party the SDLP risks losing previously safe seats such as well-known former minister Alex Attwood’s West Belfast seat. The party’s traditional, conservative values such as upholding the abortion ban and failing to embrace the campaign for same-sex marriage has alienated younger voters who instead may be drawn to Alliance, the Greens or People Before Profit. Local commentators have speculate that the party may fail to get enough support to qualify for a minister at the executive table.

The UUP are in a similar position on the unionist side of the spectrum. While popular with older voters, they lack the charismatic force of the DUP and progressive policies of the newer parties. Over the course of the last parliament, the party has aired the possibility of forming an official opposition rather than propping up the mandatory power-sharing coalition set out by the peace process. A few months ago, legislation will finally past to allow such an opposition to form. The UUP would not commit to saying whether they are planning on being the first party to take up that position. However, lacklustre election results may increase the appeal. As the SDLP suffers similar circumstances, they might well also see themselves attracted to the role and form a Stormont’s first official opposition together as a way of regaining relevance and esteem in a system where smaller parties are increasingly jostling for space.