Corporate insiders earn massive profits by trading their own stock immediately after a rival company suffers a cyberattack.
Executives learn about digital breaches at competing firms before the news becomes public. They use this early warning to bet on their own company’s relative strength in the market. This shadow trading allows insiders to profit from a disaster that hasn't even hit the headlines yet. Lawmakers and regulators currently struggle to track these trades because they do not involve the victim's stock. A security failure at one firm creates a secret wealth-building opportunity for its closest competitors.
Profiting from Cyberattacks at Rivals: Evidence from Insider Trading
SSRN · 4349714
This study examines how regulatory gaps in cybersecurity disclosure requirements allow information about operational risk to reach industry competitors. We find that insiders at peer firms earn abnormal profits by trading their own firms’ stock before target firms disclose cyberattacks. These profits vary with incident severity and cyber risk exposure and are concentrated among peer insiders with nonworkplace ties or nonboard ties to insiders at target firms. Their profitability is higher when t