
Research carried out by the World Federation of Exchanges and International Organization of Securities Commissions has shown that more than half of the financial exchanges surveyed were targeted by cyber criminals in 2012, with American exchanges being targeted more than any other region.

Most attacks, it said, were carried out with the aim of disrupting services, using Distributed Denial of Service or malicious code, rather than for financial gain.

In the Staff Working Paper ‘Cyber-crime, securities markets and systemic risk’, which gathered responses from 46 exchanges from around the world, 53% said they had reported an attack in 2012.

In the US, 67% of those interviewed had encountered some form of cyber-crime and just over 50% had been attacked in Asia Pacific.

Europe had the lowest rate, with 35% saying they had been compromised despite making up 30% of the responses.

 


Most instances reported – 70% – were shared with authorities, but the approach to targeting cybercrime was largely viewed on a national basis and only 59% operate in regions with sanctions regimes for cyber-crime.

Many exchanges, however, said they believe current regulation where it does exist is not well suited to dealing with attacks due to their global nature.

“The instances of attacks against exchanges means that cyber-crime is already targeting securities markets’ core infrastructures and providers of essential (and non-substitutable) services,” the report said.

“At this stage, these cyber-attacks have not impacted core systems or market integrity and efficiency, however, some exchanges surveyed suggest that a large-scale successful attack may have the potential to do so.”

This year an attack in South Korea brought down systems at some of the country’s major banks and broadcasters, and in 2012 an attack labelled Operation High Roller siphoned up to US$2.5bn from bank accounts in Europe.

In the US and Latin America, the threat from cyber-crime has been listed as one of the top economic risks.

The World Economic Forum has listed cyber-crime as the fourth largest risk faced by financial institutions, with 94% of businesses in the world now having an online presence.

In 2011, a PWC survey ranked cyber-crime as the second most commonly reported type of economic crime for financial sector organizations, accounting for 38% of economic crimes.

In 2012, hackers hit the world’s largest banks, overloading servers with requests which stopped customer access to online services.

Trading has also been halted in the past due to distributed denial of service attacks being launched on stock exchanges around the world, the report said.

“In the financial system, cyber attacks are reported as [being] more sophisticated than ever, with attacks coming from not only fraudsters but political activists aiming to disable financial institutions,” the report said.

On the rise are Advanced Persistent Threats, which infiltrate specific computers or networks using targeted and persistent attacks over numerous years, constantly scanning for weaknesses in order to steal or damage information kept by financial services organizations.

“The advanced and stealthy nature of these attacks means they can go undetected for years,” the report said.

In some cases, these can lead to the wearing down of mission-critical functions, leaving their integrity in question and breaking trust in financial data.

It said that, to counteract such threats, the industry needed to take a transparent approach to cybercrime at board and industry level, on a global scale.

The industry also needs to look beyond firewalls, antivirus and intrusion detection systems, since these tools are signature-based and attacks can often be launched before filters pick them up.

Physical threats have also been identified, with the report warning of attacks that can disable ID card access units in data centers to allow for hardware inside the data center to be compromised.

“Cyber attacks can also be perpetrated to distract from an impending physical attack, or vice versa,” the report said.