Nasdaq Attack, Facebook Security Lead News

 
 
By Brian Prince  |  Posted 2011-02-06
 
 
 

This past week in IT security ended with some big news -Nasdaq OMX, the company that owns and operates the Nasdaq Stock Market, has been hit with malware during the past year.

According to reports, the United States Secret Service and FBI are investigating the attack, which failed to compromise Nasdaq's trading platform. Nonetheless, malware did infect part of the Nasdaq OMX network known as the Director's Desk, which allows company boards to communicate by securely storing and sharing documents.

The trading platform architecture "operates independently" from Web-facing services like Director's Desk, Nasdaq OMX told the New York Times, adding that "at no point was any of Nasdaq OMX's operated or serviced trading platforms compromised."

News of the attack on Nasdaq is just one example of malicious activity highlighted during the week. Security researchers also noted several malware strains being used to lock users out of their accounts and forcing them to take questionnaires if they want to regain access.

"Once again cyber-criminals are using social engineering to trick victims and infect them with malware," said Luis Corrons, technical director of PandaLabs.

Facebook patched an unrelated vulnerability discovered by two students at Indiana University that allowed an attacker to steal an authentication token sent to legitimate sites when the sites request to share data with Facebook. If the attacker steals that token, he or she can impersonate the legitimate site and access user information.

"Bing.com by default has the permission to access any Facebook user's basic information such as name, gender, etc., so our malicious website is able to deanonymize the users by impersonating Bing.com," one of the students, Rui Wang, told eWEEK in an e-mail. "In addition, due to business needs, there are many websites requesting more permissions, including access to a user's private data, and publishing content on Facebook on her behalf. Therefore, by impersonating those websites (e.g., NYTimes, ESPN, YouTube, and FarmVille, etc.), our website can obtain the same permissions to steal the private data or post bogus messages on Facebook on the user's behalf."

Anonymous struck again this past week, this time hitting Websites belonging to the Yemeni and Egyptian governments. News also hit that reputed spammers had taken over thousands of IP addresses assigned to the wife of Egyptian President Hosni Mubarak and the science center that bears her name. The move is typical of spammers trying to get their hands on Internet address space that has not been blacklisted, security pros told eWEEK.

In the realm of critical infrastructure security, eWEEK examined a U.S. Department of Energy audit that took a look at cyber-security efforts related to the nation's power grid. According to the audit, many businesses are not properly identifying critical assets, something that underscores the challenge of a risk-based approach to security in situations where businesses -in a desire to cut costs -have an incentive to underreport risk.

Also during the week, the FBI arrested an Arizona man on suspicion of fraud and computer tampering in connection with interrupting the 2009 Super Bowl broadcast with a clip from an adult movie. Frank Tanori Gonzalez of Marana, Ariz., was arrested at roughly 5:30 p.m. Feb. 4, according to reports. In preparation for the big game, researchers at PC Tools advised users to be wary of attacks taking advantage of interest in the Super Bowl game today.

Rocket Fuel