Tag Archives: Core Security Technologies

And Here We Go: Nasdaq Stock Exchange Hacked!

This is exactly what I’ve been waiting for – and have been warning about – that hackers would gain access to the major financial market places. Well, now it has become a reality. according to The Wall Street Journal, quoting people familiar with the matter, US federal authorities are investigating repeated intrusions into the computer network that runs the NASDAQ Stock Exchange.

“So far, the perpetrators appear to have just been looking around.”

Hackers have repeatedly penetrated the computer network of the company that runs the NASDAQ Stock Market during the past year, and federal investigators are trying to identify the perpetrators and their purpose, according to people familiar with the matter. The exchange’s trading platform—the part of the system that executes trades—wasn’t compromised, according to the sources. However, it couldn’t be determined which other parts of Nasdaq’s computer network that has been accessed.

Investigators are considering a range of possible motives, including unlawful financial gain, theft of trade secrets and a national-security threat designed to damage the exchange, The Wall Street Journal reports.

The Nasdaq situation has set off alarms within the government because of the exchange’s critical role, which officials put right up with power companies and air-traffic-control operations, all part of the nation’s basic infrastructure.

Other infrastructure components have been compromised in the past, including a case in which hackers planted potentially disruptive software programs in the U.S. electrical grid, according to current and former national-security officials.

“So far, [the perpetrators] appear to have just been looking around,” says one person involved in the NASDAQ matter.

Another person familiar with the case said the incidents were, for a computer network, the equivalent of someone sneaking into a house and walking around but—apparently, so far—not taking or tampering with anything.

A probe into the matter was initiated by the Secret Service and now includes the Federal Bureau of Investigation, WSJ.com writes.

The mystery surrounding the hackers and their motives is worrying investigators, who remain unsure whether they have been able to plug all potential security gaps—especially since invaders typically seek new ways to breach systems.

The case involving New York-based Nasdaq OMX Group Inc. is part of what cyber-crime authorities see as a broader problem of hackers nosing around corporate computer networks, with varying degrees of success.

U.S. companies are a continual target, and sometimes their public websites are vandalized.

It is rarer for perpetrators to penetrate internal systems. Such breaches rarely come to light because companies fear that acknowledging them would alarm customers or encourage copycats.

Tom Kellermann, a former computer security official at the World Bank who now works at a firm called Core Security Technologies, says the most advanced hackers in the world are increasingly targeting financial institutions, particularly those involved in trading.

“Many sophisticated hackers don’t immediately try to monetize the situation; they oftentimes do what’s called local information gathering, almost like collecting intelligence, to ascertain what would be the best way in the long term to monetize their presence,’‘ he says.

People familiar with the NASDAQ matter said the Secret Service first began investigating last year.

Investigators have informed White House officials of the case, according to the people familiar with the situation, who said that such a move is typical in hacking investigations, particularly in the early stages of the probes.

Authorities haven’t yet been able to follow the trail to any specific individual or country.

Those familiar with the case says that some evidence points toward Russia, but the person or people responsible could be almost anywhere, perhaps using computers in Russia merely as a conduit.

The case poses two concerns for authorities: preserving the stability and reliability of computerized trading, and ensuring that investors have full faith in that system.

Stock exchanges know they are frequently targets for hackers.

“We take any potential threat seriously and we are continually working to ensure that our systems operate at the highest levels of security and integrity,” Ray Pellecchia, a spokesman for NYSE Euronext, which operates the New York Stock Exchange, says.

Yeah, right!

Well, let me point out a few things:

NASDAQ’s website was hacked already back in 1999 – almost 12 years ago. What do you think the hackers were trying to do? Paint graffiti on the ticker board?

Keep in mind that who ever made the  Stuxnet worm spent about 10 years to develop the first prototype.

It the security people believe that the recent hackers have just been snooping around, they must be extremely naive.

The new generation of malware has the capability to hide itself from any known antimalware tools, or disable them. If discovered, the malware mutate itself, disguise itself as a totally different file in a totally different area of the system.

Meanwhile – market participants and regulators keep blaming the high frequency traders for all the flash crashes and computer failures that has occurred lately. Just like the hedge funds was – at first – blamed for the whole financial crisis. (And a bit more…).

And, as I understand it, the incident described above happened a year ago. Why hasn’t the market been informed of this before?

Talking about investors confidence in the stock exchange systems….

Now, please get your fat fingers out of your asses and face the real world!

Blogger Templates

Related by the Econotwist’s:


Filed under International Econnomic Politics, Laws and Regulations, Technology