Security Laboratory

Could Currency Be Destabilized?

April 7th, 2007
By John C. A. Bambenek


Summary: While a variety of attacks could cause significant economic harm to a target, an attack specifically designed to destabilize a currency would likely be unsuccessful unless sponsored by a party with significant economic power (i.e., a major country).

Internet-based Electronic Warfare

Traditional economic warfare seeks to disrupt the flow of commerce in a nation or reduce the confidence or willingness of participants to engage in economic activity. In the Internet world, the main tools are denials of service, identity (or information) theft, or fraud.

Almost every business at one point or another has been subject to a denial of service attack of some kind. Few have been driven out of business as a result, Blue Security being a recent example (and in that case there were other factors as well.)1 Most businesses recover and can build the lost revenue into a risk management model.

Likewise, cases of identity theft (either from the consumer PC end or compromises on the business end) are commonplace in the United States, Europe, Russia, China, and Latin America. Identity theft has not yet led to a significantly negative impact on the long-term viability of an organization. However, recently the entire population of Romania had their financial information stolen from a government system, so it remains to be seen what impact it will have on that nation's economy.2

Economics of Currency Trading

The valuation of currency, at least in economies using "fiat" money, is based on the perception of that currency's general worth. This perception is based on several factors, the strength of the government's economy behind that currency, the willingness of governments to invest in that economy and general geopolitical factors. For instance, the perception that the United States is overextended with its trade and budget deficits adversely affects the valuation of the dollar.

Those who buy and sell currency each day, currency traders, are considered a savvy bunch. Because the information they rely on to make decisions crosses international boundaries into countries which may or may not necessarily be open with information, they have to rely on both conventional and unconventional information sources. In order to have a successful impact on a currency's value, one would need to successfully change the perception of a bulk of these currency traders.

Likelihood of Success

There are plenty of analogous examples that short-term influences can be made on valuations of stocks and such. For instance, several companies have been subject to false press releases that had dramatic effects on their stock prices. In those cases, the perpetrator was caught quickly and the stock resumed its previous value. People were able to make money trading options on that stock, but the long-term fundamental value of the company remained unchanged once people discovered the fraud.

This would be likely true for the case of currency. Currency traders, a savvy bunch, might be able to be duped into believing false information that could cause a run on the currency. But likely value shoppers would find the scam and buy low when people rushed back in after the fraud was discovered. In the cases of manipulation of stock prices, the fraud was discovered in days, if not hours. If a similar fraud were attempted on a currency, the full weight of that nation's government would be levied to fix the problem quickly.

In order to have an impact on an economy the assets involved would have to be significant. For instance, the United States had a GDP in 2005 of $12.5 trillion.3 Even launching an attack with $50 million would be like trying to bankrupt a major international corporation by running out the door with a fistful of nickels from petty cash.

One successful attempt at currency manipulation (or savvy investment depending on your opinion on the matter) was Black Wednesday in 1992. George Soros bet 10 billion pounds against the Bank of England and broke the currency.4 In that case, England's currency was already having problems and Soros was the "straw the broke the camel's back". At that time, he used an amount of money roughly equal to 1.5% of Britain's GDP. With significant investment of resources, a currency "on the brink" can be successfully attacked.

In order to have anything but a short-lived and transitory effect on the value of a currency, it would take a significant amount of assets and other factors that have already placed the currency in a weakened state. With the combined weight of a government who has a vested interest in correct deception and savvy investors who would quickly discovery it, perception based electronic attacks would not be likely to succeed.

It is possible that a large-scale denial of service attack could disrupt an economy enough to eventually lead to currency devaluation; however, the scale would have to be many orders of magnitude larger than has yet been seen. September 11th has shown that the American economy can sustain several days of suspended economic activity and few denial of service attacks have been able to be maintained for that long.

In short, without the full backing and commitment of another nation, a significant investment of resources, and a willingness to be identified (at least the nation) as being behind the attack, direct long-term currency manipulation is not likely.

John Bambenek is an academic professional at the University of Illinois at Urbana-Champaign and a handler for the Internet Storm Center.


1 http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1188794,00.html
2 http://www.ziua.ro/display.php?data=2007-03-13&id=217445 (in Romanian)
3 https://www.cia.gov/cia/publications/factbook/print/us.html
4 http://cse.stanford.edu/class/cs201/projects-98-99/financial-transactions/large_investors2.htm