Company apologizes for presenting the incident as a real event

Jul 3, 2014 13:50 GMT  ·  By

In a weird turn of events, BAE Systems said that the information they presented last month about a sophisticated attack on a major hedge fund was not real and represented a scenario developed internally by the company.

Paul Henninger, global product director at BAE, told CNBC back in June that his company had discovered a cyber-attack targeting an undisclosed hedge fund that reached new levels of complexity.

The cybercriminals were presented as highly knowledgeable individuals when it came to the trading system, who spied on the systems for a few months in order to learn the strategies used and apply them for their own benefit.

In a video interview, Henninger said that “this appears to have been a for-profit attack” and that “this was not an attack designed to sabotage their systems.”

The reason for this conclusion was that the intruders managed to insert a delay between the time a trade offer was issued and the time when it was executed, allowing them to make the move first.

However, on Wednesday this week, BAE Systems spokesperson Natasha Davies told the publication that the incident described by Henninger was not a real event, but a scenario the security experts at BAE had used internally.

According to CNBC, she also added that the attack “was inaccurately presented as a client case study rather than as an illustrative example.”

The length of time between Henninger’s presentation and the company’s dismissal of the events being real was of two weeks. It appears that BAE needed this amount of time to conclude that the incident never occurred.

The revised position regarding the incident is not too convincing, given that Henninger told the media that the unnamed company took notice of the suspicious activity and “it took about a few weeks for the investigation to get to the point where we made the connection between the network anomalies and the trading anomalies.”

Natasha Davies apologized for the inaccuracy and said that the company was taking the necessary measures to prevent the occurrence of such errors.

CNBC reports that since Henninger broke the news, BAE stock recorded a 1.6% increase and the trading volume was higher than ordinary.

Henninger also did a similar interview with Bloomberg, and he presented the attack in the same manner. The two publications tried to contact the exec, but they could not reach him and it appears that he took some time away from the business.