Rogue Code

Read Rogue Code Online

Authors: Mark Russinovich

BOOK: Rogue Code
13.6Mb size Format: txt, pdf, ePub

 

The author and publisher have provided this e-book to you for your personal use only. You may not make this e-book publicly available in any way.
Copyright infringement is against the law. If you believe the copy of this e-book you are reading infringes on the author’s copyright, please notify the publisher at:
us.macmillanusa.com/piracy
.

 

C
ONTENTS

Title Page

Copyright Notice

Acknowledgments

Foreword

Memorandum

I. Day One

News Article

Chapter 1

Chapter 2

Chapter 3

Chapter 4

Chapter 5

II. Day Two

News Article

Chapter 6

Chapter 7

Chapter 8

Chapter 9

Chapter 10

Chapter 11

Chapter 12

III. Day Three

News Article

Chapter 13

Chapter 14

Chapter 15

Chapter 16

Chapter 17

Chapter 18

Chapter 19

Chapter 20

Chapter 21

IV. Day Four

News Article

Chapter 22

Chapter 23

Chapter 24

Chapter 25

V. Day Five

News Article

Chapter 26

Chapter 27

Chapter 28

Chapter 29

Chapter 30

Chapter 31

VI. Day Six

News Article

Chapter 32

Chapter 33

Chapter 34

Chapter 35

Chapter 36

Chapter 37

Chapter 38

Chapter 39

Chapter 40

VII. Day Seven

News Article

Chapter 41

Chapter 42

Chapter 43

Chapter 44

Chapter 45

Chapter 46

Chapter 47

Chapter 48

VIII. Day Eight

News Article

Chapter 49

Chapter 50

Chapter 51

Chapter 52

Chapter 53

Chapter 54

Chapter 55

Chapter 56

Chapter 57

Chapter 58

Chapter 59

Chapter 60

Chapter 61

Chapter 62

IX. Day Nine

News Article

Chapter 63

Chapter 64

Chapter 65

Chapter 66

Chapter 67

Chapter 68

Chapter 69

Chapter 70

Chapter 71

Chapter 72

Chapter 73

Chapter 74

X. Final Day

News Article

Chapter 75

Chapter 76

Chapter 77

Chapter 78

Chapter 79

Chapter 80

Chapter 81

Chapter 82

Chapter 83

Chapter 84

Memorandum

Bibliography: Additional Information on High-Frequency Trading

Also by Mark Russinovich

About the Author

Copyright

 

A
CKNOWLEDGMENTS

This book was made better by the discussions and invaluable feedback I received from readers of early drafts. I’d like to thank John Walton, David Cross, Chris Jackson, John Lambert, Scott Field, and Matt Thomlinson, colleagues of mine at Microsoft, who shared their real-world experience fighting cybercrime and improving cybersecurity in their detailed and thoughtful reviews and discussions. Thanks also to Jeff Prosise and Ron Watkins, friends of mine outside of Microsoft, who gave me their perspectives as fans of the techno-thriller genre.

Haim Bodek deserves a special thanks for the information he shared with me, initially and unknowingly via his Web site, book, and participation in documentaries on HFT that I researched, and then later after I contacted him, in our long conversations over Skype and in the comments he gave me on book drafts. I’m grateful for his foreword, which sets the tone perfectly for the book. His position as an industry insider and pioneer of market microstructures makes his warning that HFT poses risks to our economy when looked at as not just low-latency algorithmic trading that can spiral out of control in algo-vs-algo trading, but as including the secretive-order types that give insiders unfair advantages, something that we should all heed.

I also want to thank my agent, David Fugate of Launch Books, for his staunch support of the Jeff Aiken books series, and also for helping me secure the sale of its movie option. Peter Joseph, my editor at St. Martin’s Press, did a fantastic job of guiding the book through to publication, even somehow compressing rigid publishing schedules to hit target dates when my day job got in the way and slowed my delivery. Thanks to Melanie Fried and to the editorial production staff at St. Martin’s Press for their painstaking passes over multiple drafts of the manuscript, somehow finding typos and grammar mistakes in passages that I read dozens of times.

Finally, I want to again thank the real-life Daryl, my wife, for indulging me in my many hobbies, of which novelist is just one. Her patience and support for my crazy schedule and her smiling face, which greets me when I get home from work or finish a multi-hour writing session, provides the emotional foundation for my creative endeavors.

 

F
OREWORD

When I first read
Rogue Code
, I thought, “Here is a thriller that is really tuned into the dangerous potential of electronic trading.” Mark Russinovich paints a picture of what most would consider the nightmare scenario of what could go terribly wrong in the U.S. stock market. It is a dystopian view of where electronic capitalism might lead us.

And yet,
Rogue Code
shows us a Wall Street which is all too familiar—think it a synthesis of age-old business practices that thrive on exploiting the grey areas of financial regulation
and
modern electronic trading systems whose
opacity
is the only thing keeping computerized criminals at bay. The end result is a fictional portrayal of a global-market system that is hauntingly familiar in both its vulnerability and its propensity for financial crisis.

Mark is impressive, detail-oriented, hands-on. He aims to introduce you to the technical mechanisms, hacks, and exploits that are longstanding practices in the field of cybersecurity that he rightfully associates with critical vulnerabilities in our national market system. More importantly, Mark has tied together two disciplines that must cross-pollinate: cybersecurity and computerized trading. After you have read
Rogue Code
, you will believe these two fields are on a collision course.

Still, I confess that as I read
Rogue Code
I couldn’t help but smirk inappropriately at times.
If he only knew
, I thought. As the financial crisis proves, often Wall Street itself can be its biggest threat.

Rogue Code
is a work of fiction. The bad guys don’t run multibillion-dollar hedge funds that have institutionalized illegal insider trading into a business model. They don’t run massive Ponzi schemes affiliated with unusually successful trading companies. They don’t publicly brag about their multi-year zero-loss trading days fueled by “secret sauce” that only recently has caught the attention of regulators.

In my experience, the current threat to Wall Street isn’t going to come from abroad … it has already firmly embedded itself into the fabric of our marketplace.

We don’t need foreign agents to compromise our markets. We are quite adept at causing the flash crash and more than
twenty-five thousand
“mini flash crashes” all by ourselves.

We don’t need a foreign agent to rig an exchange to provide a benefit to an affiliated trader—we are quite adept at creating conflicts of interest, self-regulation of for-profit entities, and regulatory loopholes that naturally evolve into collusive arrangements.

We don’t need super-hackers planted where they can exploit the order matching code for their own benefit, as the most lucrative career path for a developer is to cycle from exchange to trading company, back to the exchange space, and then onward to the most elite trading firm having attained the “goods.”

And I should know. Over a decade ago, I was awarded my first major promotion at a major investment bank for exploiting a back door in a European electronic exchange to get prices faster. Back then, we discovered holes. At some point, the game changed, and the industry started creating holes.

The search for what we in the industry call an “edge” led exchanges to manufacture artificial advantages in order to satisfy their most-favored clients. What else differentiates an exchange, when the primary service that traders want is to extract a profit in what nearly always is a zero-sum game for short-term traders? The money has to come from somewhere, doesn’t it?

And so many years later, I decided to blow the whistle on high-frequency trading to regulators, citing numerous undocumented features designed by exchanges to accommodate high-frequency trading strategies at the expense of the public customer. It was the road not traveled for one of my background.

Mark is an outsider to high-frequency trading, but that is what makes his contribution all the more sobering. What if Wall Street lost its stranglehold on a system where complexity and volatility equate to trading edge? What if outsiders indeed targeted the very systems which regulators readily admit they cannot monitor or control in any meaningful manner?

And that is probably the most terrifying conclusion one can draw from
Rogue Code.
Wall Street, having grown so accustomed to exploiting and circumventing its own system, is dramatically unprepared for real enemies, those who have no stake in the bedrock of our capitalist system.

—H
AIM
B
ODEK
    M
ANAGING
P
RINCIPAL
    D
ECIMUS
C
APITAL
M
ARKETS,
LLC

 

WHITE HOUSE DISTRIBUTION ONLY

DO NOT DUPLICATE

MOST SECRET

MEMORANDUM

DATE:

October 13

FROM:

Walter D. Winterhalter

 

Inspector General

 

Office of the Inspector General

 

U.S. Securities and Exchange Commission

TO:

Eleanor Kaschnitz

 

National Security Advisor

RE:

Concern

I wish to personally express my deepest concern about the possible intentional or inadvertent disclosure of the actual events that occurred last month, regarding the New York Stock Exchange Euronext. The potential for incalculable harm to our financial institutions and the world financial system is extreme. While speculation is rampant in the media, both traditional and electronic, the diverse nature of the speculation tends to cancel out fears, though the attention has had a dampening effect on the trading public. Only the passage of time will inform as to what extent. For now, I must urge in the strongest possible terms that no official account of events be made public and that every step possible be taken to prevent a credible source from leaking what we know and are learning.

Other books

Chloe by Michelle Horst
The Fear and Anxiety Solution by Schaub, Friedemann MD, PhD
Indigo Rain by Watts Martin
Moonstruck by Susan Grant
The Lie by Helen Dunmore
Blue Heaven by C J Box
Q: A Novel by Evan Mandery