“This is a broad attack against the financial services sector,” said Shawn Henry, a former executive assistant director at the Federal Bureau of Investigation, who is now a senior executive with computer security company CrowdStrike Inc. Millions of dollars have been stolen from multiple hedge funds over the last five years, he said in a phone interview.

The FBI and Secret Service declined to comment.

In one recent example, hackers stole passwords from the chief financial officer and treasurer of a U.S. hedge fund, said Eldon Sprickerhoff, founder and chief security strategist for the Canadian network-security company eSentire Inc. The hackers then drained about $1.5 million in under two minutes using three wire transfers -- each just under $500,000, the amount that would have set off an alarm at the fund -- said Sprickerhoff. He said his firm identified the intrusion earlier this year.

Sprickerhoff declined to name the firm and the allegations couldn’t be corroborated.

Sprickerhoff also said many hedge funds are linked to the prime brokers conducting trades for them either by secure Internet connections or by a direct line that doesn’t go over the Web. Such connections, he said, have a low vulnerability to attack, leaving hackers to seek entrance to networks by tricking employees to open so-called phishing e-mails.

Customer Pressure

The cybersecurity companies that described such attacks have a stake in selling services to hedge funds and banks. Keith Alexander, the former head of the National Security Agency, is entering the field by opening up his own cybersecurity consultancy focused on the financial sector.

Under pressure from regulators, lawmakers and their customers, financial firms are pouring hundreds of millions of dollars into barriers against digital assaults. JPMorgan Chase & Co. will spend $250 million on cybersecurity this year, Chief Executive Officer Jamie Dimon said in an April letter to shareholders.

In all, the global market for network-intrusion detection and prevention equipment and services is estimated at $95.6 billion in 2014 and expected to reach $155.7 billion by 2019, according to the Dallas research company MarketsandMarkets.

Financial Attacks