It's really just a smart guy who's hiding his identity.
Right. Exactly. That's why for a lot of cyber crime
especially when you think about that from the security perspective.
How am I going to prevent all these people attacking my system?
It's very different, you've got to think globally.
It's not like traditional,
a lot of those petty cash crime,
a lot of those crimes that we consider local criminals.
If you're going to catch somebody committing a crime,
and they have broken Hong Kong law and you're the Hong Kong police.
And you can prove that they broke this law,
but they are not in Hong Kong.
Can you arrest them?
At the present moment,
a lot of government already changed their legislation to address that.
But the difficult part is,
what happens if that criminal act kind of truncated into different component?
So, for example, let's say they committed acts.
It Involve five steps,
each steps in a different country.
Now if you look at the steps itself there's no crime.
Not unless all five add together and say,
"Oh, gee this is that. "
So each piece is part of a conspiracy to commit a major crime,
but each element maybe,
if it is a crime maybe it's a minor misdemeanor crime not a major felonious act.
So, for several like DDos attack, Distributed Dos attack.
So, initially the criminal may be able to.
And DDos means, denial.
Distributed Denial of Service.
Distributed Denial of Service.
So, DDos attack, Distributed Denial of Service is an aggressive act against a company.
And that's a crime?
Yeah, okay for example,
let's say there's different computers.
Okay, they are poorly managed,
there is loopholes there.
Okay, people initially find a way to get in and you'll kind of
plan something that it's a event or time trigger malware that you can plant in there [inaudible]
It seems likes a crime.
Okay, that could be trespassing.
Electronic trespassing and you didn't do anything.
You just placed something there.
But it's a minor crime.
Is it very minor as you haven't triggered anything yet.
And for the company that you've then hit and you
trigger it you're using some of their computing resources but they may say,
"Yeah, whatever, don't care".
And then not until let's say a particular date time or until a particular event
every computer target and attack and send message to one computer system.
Now then your target is in trouble.
So, sometimes if you kind of break those steps into two or three steps,
each steps may kind of,
yeah maybe it's a very minor crime would be not even a crime,
but aggregating it together,
it becomes a very serious offense and victim will be-
And how does that relate to FinTech?
How does that connect into FinTech so as to solve computer crime?.
For financial technology, they are part of the cyber world.
So whatever cyber attack to them is very vulnerable.
Okay, so let's say if I set up a wallet or set up an online banking service.
Now, the computer crime model that is very commonly used is the CIA model.
It is Confidentiality, Integrity, Availability.
So, DDos is addressing the availability issue.
So, whenever my service is not available,
especially for banking, which is part of an essential service for people.
If suddenly I want to make payment,
and suddenly if the whole payment system is under DDos attack.
My money is there, I can see there's a balance on my wallet, I just can't pay.
So, it's very frustrating. Just imagine.
I could imagine some kind of trading systems getting hit with a DDos at the wrong time,
which we might be able to trigger by software instead of triggering a trade,
trigger a DDos attack then hit with a strong trade then leave your target vulnerable
to swings and currency or other things if you have enough capital
to manipulate the market and do a DDos at the same time,
you might be able to really put a crimp into a bank.
Exactly. On the other hand, if you think of USA exchange.
If there's a lot of high frequency trader.
If they started within the market close period,
let's say five minutes before the market close.
Boom. All the transaction all trying to go through
that internal exchange with high frequency.
If the system is not big enough to cater for that,
that's no difference from a DDos attack.
Do I really know whether it's DDos or whether it's just a lot of traffic?
It could be a trade, yeah it could be a proper trade
or whatever there's suddenly a market news booze-up.
Lets say, suddenly there was a war started in North Korea.
And this relates to intent for example, I could say,
"Let me trigger fifty thousand computers around the world to do
a low latency stock trade
all at the same instant that can overwhelm an exchange."
Now each of those trades might be a legitimate trade for one share of stock.
It's just a small amount.
They're all legitimate trades but they're all synchronized,
all hitting at the same time,
and while that's happening I know I'm doing something else in
a very different system that is a large volume money moving thing.
I might be able to take advantage of the system being locked up.
Yeah. Same thing.
Yeah it's just like flooding the whole system.
Let's say, when suddenly there's
adverse news just break up and then people just respond to it.
Now, a stock online using a keyboard to do it.
Now we're talking about all of these are robo-traders.
Once they pick up a news,
immediately the computer would keep on-.
Once they cannot make the deal,
they fire the request to the exchange,
if the deal bounce back saying that the deal not done,
they immediately fired again with
the lower volume and then you see they're triggering off the whole market.
It's a snow-ball effect and you flood the market.
So it looks like a DDos attack.
Yes. So that's why even in the FinTech area,
even for some of the legitimate trade,
we have to look at the plausible DDos phenomena
not necessarily meaning that is a criminal intent,
but the behavior could be very similar.
Then the issue is, is there an attempt to commit a crime?
Or is it just a coincidence?
Everybody's program looks the same.
Yeah. So there's a lot of these issues that for cybersecurity you have to look at.
Whether it's a genuine high-frequency trade
just because of certain things trigger everybody or the system to trade at
the same time which is genuine or it's just that your system cannot handle
the capacity or whether there's some malicious attack or malicious intent or whatever.
Okay, so being remote is part of the challenge for the law enforcement officer.