Rebooting the Carbon Spot Market
Victims of the infostealer.Nimkey Trojan virus might have provided hackers with the necessary digital certificates and private electronic keys that temporarily shut down the spot carbon trading market in Europe this week.
After a rash of hacks of several national registries, including those in Austria, the Czech Republic, Germany and Romania, Commission officials estimate that about 2 million European Union allowances (EUAs), or 0.02 percent of EUAs in circulation, had been illegally transferred.
As a result, the Commission shut down the spot carbon trading market by preventing external or internal transfers of EUAs. Futures-based trading of EUAs, which represents about 80 percent of the carbon trading market, remains unaffected.
In the meantime, the Commission is in discussions with various national registries on how to improve security and set new standards. Once the national registries meet the new agreed security standards, they will be allowed to resume EUA transfers.
I doubt that the writers of Nimkey actually planned to shut down the carbon spot market. It's more likely that they went through their treasure trove of collected private keys and certificates and realized they had access to the various national registries—it was a crime of opportunity rather than a premeditated one.
However, it should be an object lesson for the rest of the markets when it comes to maintaining security of their networks. While digital certificates provide a decent level of security, Nimkey demonstrates their weakness. I would not be surprised if the Commission insists on not only password- and certificate-based security in the future, but on some token-based offering as well.
The major question now is whether to build the new systems themselves or move to an existing financial intranet that already provides that level of security and the clock is ticking. The longer the spot market remains closed, the more costly it will be to the industry. Yet, important decisions made in haste tend to be more expensive. I do not envy the Commission on this decision.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Trading Tech
Bloomberg offers auto-RFQ chat feed—but banks want a bigger prize
Traders hope for unfettered access to IB chat so they can build their own AI-enhanced trading tools
TMX launches ATS in US
The move represents the first expansion of the exchange group’s markets business outside of Canada.
AI co-pilot offers real-time portfolio rebalancing
WealthRyse’s platform melds graph theory, neural networks and quantum tech to help asset managers construct and rebalance portfolios more efficiently and at scale.
Opra considers ‘dynamic load balancing’ for options market
The data distributor recently completed a challenging project to build a 96-line feed. This new endeavor could prove just as challenging (but perhaps necessary) for the industry that will use it.
Big questions linger as DORA compliance approaches
The major EU regulation will go live tomorrow. Outstanding clarifications and confusion around the definition of an ICT service, penetration testing, subcontracting, and more remain.
Market data for private markets? BlackRock sees its big opportunity
The investment giant’s CEO said he envisions a far bigger private market business in 2025.
8 bank CTOs and CDOs sound off on artificial intelligence
Waters Wrap: Last year, WatersTechnology spoke with heads of technology and data from a range of tier-1 banks. Anthony pulls at one common thread from those interviews: AI.
Artificial intelligence, like a CDO, needs to learn from its mistakes
The IMD Wrap: The value of good data professionals isn’t how many things they’ve got right, says Max Bowie, but how many things they got wrong and then fixed.