Security Experts:

Hedge Fund Manager Predicts Cyber Attack Will Shut Down NYSE in 2011

Hedge Fund Manager Doug Kass Predicts Cyber Attack Will Shut Down NYSE in 2011. Should Financial Experts Stick to Financial Analysis and Not Cyber Threats?

Called a “Master market timer and predictor” by CNBC, hedge fund manager Doug Kass of Seabreeze Partners Management made a bold prediction this week during CNBC’s Fast Money segment.

In what Kass calls his “Possible and Probable” predictions for 2011, he suggested a series of populist regulatory changes would continue to be endorsed by the administration, saying “notably the SEC comes down in a frontal assault on mutual fund expenses by restricting or eliminating 12b1 fees.” (12b1 fees allow funds to charge investors with marketing costs and mutual funds made about $9.5 billion through such fees in 2009.) That prediction isn’t incredibly bold or something many others are not expecting, but his second prediction is.

Stock Market Cyber Attack

Kass continued and made a more interesting and bold prediction saying: “The Internet becomes the tactical nuke of the digital age. I believe that cybercrime is going explode exponentially next year as the Web is invaded by hackers. And My surprise is that we will see a specific attack on the New York Stock Exchange which has a profound impact, causes a week long hiatus in trading which will cause abrupt slowdown in travel and domestic business.

Kass is positioning his portfolio accordingly, he says, and suggested that investors “Position a portion of a portfolio in accordance with some outlier events because you have the potential for large payoffs, obviously.”

Keep in mind that Mr. Kass is a Hedge Fund manager, not a cyber security expert. To top this, Kass is known to short the market and has mad much success doing so. If Mr. Kass is shorting the market, why not inject a bit more fear when he has a chance?

When asked how position against that type of attack, Kass responded, “Have a nice amount of cash reserves for one.”

In 2008, Lawrence Strauss in an article on Douglass Kass described him as such: “He's a short seller, and an outspoken one, at a time when most investors have abandoned the business of betting against stocks. After all, it's a tough way to make a living, and a short seller -- who sells borrowed shares in the hope of buying them back later at a lower price.”

Furthermore, when commenting on the May 6th flash crash when the Dow Jones Index dropped more than 600 points in 5 minutes, Kass said “I think that our dependency on the Internet guy is profound and that was not an attack, not a terrorist attack, that was just a bubble. I suspect we are vulnerable to a terrorist attack or something in the extreme.”

Can a Cyber attack take down stock exchanges?

Frequent CNBC contributor and options guru Jon Najarian doesn’t agree with Mr. Kass, however. While discussing HP’s earnings after the bell on Tuesday, Najarian noted that there were about $10 billion in security deals done in the third quarter, and further commenting, “I hate to go against Douggie, but I think people are gearing up to be safer. I don’t think there are a lot of open holes just waiting to be exploited. I think HP, IBM and Intel are clearly out there helping people plug those holes.”

Of course those companies are helping, but threats still exists and there are always holes. Just because there were big M&A deals in the security space recently doesn’t mean financial markets aren’t vulnerable to cyber attacks. There are always holes waiting to be exploited, and financial markets will always be a target of attack.

A report released this month by data security provider, Imperva predicted that in 2011 state-sponsored cyberattacks, like the Stuxnet worm, will build on concepts and techniques from the commercial hacker industry to create more powerful Advanced Persistent Threats. Could a targeted attack like Stuxnet wiggle its way into the systems at the NYSE or other stock exchanges?

SecurityWeek reached out to Seabreeze Partners to get further comment from Mr. Kass but has not received a response.

What could happen if Mr. Kass’ prediction is correct and a cyber attack effectively takes the New York Stock Exchange “offline” for a week? As far as historical events to compare to, after the terrorist attacks on September 11th, the New York Stock Exchange, the American Stock Exchange and NASDAQ didn’t open on September 11th and remained shut down until September 17, the longest shut down since the Great Depression in 1933. After the markets opened on September 17th, the Dow Jones Industrial Average fell 684 points, or a 7.1% loss. 

The NYSE’s Web site (NYSE.com) has been targeted in the past with denial of service' attacks but without success, according to NYSE reports. Importantly, the NYSE.Com Web site is not connected to any of the trading operations and even if such attack took NYSE.com offline it wouldn’t affect trading operations, of which most of the infrastructure is over private networks and not the public Internet.

A comment posted by an anonymous reader in response to an article at TheStreet.Com said, “Doug Kass, I have great respect for him. But to make such outrageous predictions without any basis is completely irresponsible. This is free speech to the extreme. Looks like the only reason he is doing this is to drive fear among investors and profit from his bearish positions.”

Should financial experts stay away from commenting on the security posture of the stock exchanges?

Subscribe to the SecurityWeek Email Briefing
view counter
view counter