Early yesterday afternoon East Coast time, someone managed to get access to the Associated Press Twitter account and sent out the following message: "Breaking: Two explosions in the White House and Barack Obama is injured."
That tweet, sent out at 1:07 p.m. EDT, triggered an almost unbelievably swift response in the nation's financial markets. The Dow and other major indexes began to plummet, losing 1 percent within minutes. Reuters estimated that the sudden drop was enough to wipe out $136.5 billion in the value of the S&P 500. But just as quickly, the AP and White House knocked down the false report and the markets corrected. Most indexes wound up with a healthy gain for the day.
How could that phony tweet—just 71 characters, with spaces—cause such a profound effect so quickly?
Shane Shook, chief knowledge officer and a vice president for Irvine-based security startup Cylance, is a veteran investigator of information security breaches. He says that yesterday's incident adds to a running list of problems with the high-frequency trading systems that now handle most of the buy and sell orders in today's markets. Those systems are automated, depending on a variety of algorithms to decide when to execute trades. Shook says a key source of information for the algorithms is news feeds from both traditional sources like the wire services and from new media like Twitter. He says that when those algorithms picked up on an alarming set of terms yesterday, they swing into action without human intervention.
"White House, bomb, fire, government, things like that—those combination of terms have a higher value than other terms in a risk weighting by the algorithms,” Shook explains. “It causes positions to be automatically executed that otherwise would not."