Skip to Content
MIT Technology Review
Sign in

Want to Make a Buck in the Stock Market? Bet Against Companies Likely to Be Hacked

When hackers expose flaws in products, a company’s share price can fall, and traders are getting wise to the pattern.
September 6, 2016

The next big way to make money might be short-selling the stock of a company that you believe to have a security flaw.

It’s certainly what Carson Block, the founder of research firm Muddy Waters, tried to do when he issued a report announcing that he was shorting shares of the medical device manufacturer St. Jude. He claimed that the company’s pacemakers and defibrillators could be easily hacked—perhaps with fatal consequences.

The move was the result of research conducted by a security firm called MedSec Holdings. Block shorted stock in the company based on the assumption that public knowledge of such a vulnerability would cause the St. Jude share price to fall. It did.

It’s actually unclear whether the claims made by MedSec and Block are totally accurate. St. Jude has called them “false and misleading," while University of Michigan medical device security expert Kevin Fu has also questioned their accuracy.

But facts alone do not shape the financial markets.

So markets moved, while financial experts rushed to speak with medical device cybersecurity consultants and find out if the reports were accurate. Jonathan Butts, one such consultant, told Bloomberg that the situation “is almost like The Big Short—someone saw something that nobody else did."

In fact, also much like The Big Short, this kind of trade is “entirely novel,” according to the Bloomberg piece, and it might have some fairly profound ramifications in the future.

Financial markets can shift quickly, and it’s not clear that analysts at banks are particularly well-placed to determine the veracity of these kinds of security claims. Wall Street, then, may potentially look to identify new expertise to help them move faster in such situations.

Hackers may be able to get in on the profits, too. Rather than quietly announcing vulnerabilities online or at conferences, many security experts might be tempted to follow MedSec in sharing their discoveries with traders. It could be worth their while—though it may add insult to injury for the companies that are affected.

(Read more: Bloomberg, Business Insider, Reuters)

Keep Reading

Most Popular

This new data poisoning tool lets artists fight back against generative AI

The tool, called Nightshade, messes up training data in ways that could cause serious damage to image-generating AI models. 

The Biggest Questions: What is death?

New neuroscience is challenging our understanding of the dying process—bringing opportunities for the living.

Rogue superintelligence and merging with machines: Inside the mind of OpenAI’s chief scientist

An exclusive conversation with Ilya Sutskever on his fears for the future of AI and why they’ve made him change the focus of his life’s work.

How to fix the internet

If we want online discourse to improve, we need to move beyond the big platforms.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.