Nasdaq Network Repeatedly Compromised by Hackers

 
 
By Fahmida Y. Rashid  |  Posted 2011-02-05
 
 
 

Nasdaq OMX, the shell company that owns the Nasdaq Stock Market, has been repeatedly breached by hackers over the past year, according to the Wall Street Journal.

The United States Secret Service and the Federal Bureau of Investigation are investigating the attacks to identify the perpetrators and to uncover their motives, according to the Feb. 5 article. Despite repeated attempts, the hackers have not yet compromised Nasdaq's trading platform, which handles all trades, the Journal reported.

Nasdaq OMX found "malware" on a part of its network called Director's Desk during its normal security screenings, the company told the Journal. The service allows company boards to communicate by securely storing and sharing documents, the paper reported.

The trading platform architecture "operates independently" from Web-facing services like Director's Desk, Nasdaq OMX told the Journal. "At no point was any of Nasdaq OMX's operated or serviced trading platforms compromised," according to the company.

"So far, [the perpetrators] appear to have just been looking around," a source told the Wall Street Journal.

Investigators are not sure whether all the holes have been found and plugged, the Journal said. If the hackers eventually manage to get access to the electronic trading systems, they could trigger a stock market crash that could have severe repercussions across the economy.

Investigators are considering several possible motives, including unlawful financial gain, stealing trade secrets, and a national-security threat designed to damage the exchange, according to the Journal. The incidents were the equivalent of someone sneaking into a house and walking around, but not taking or tampering with anything, sources said.

"Many sophisticated hackers don't immediately try to monetize the situation; they oftentimes do what's called local information gathering, almost like collecting intelligence, to ascertain what would be the best way in the long term to monetize their presence,'' Tom Kellermann, security expert at Core Security Technologies, told the Journal.

Law enforcement considers the hacking of Nasdaq OMX to be equivalent to hacking into utilities or other "critical infrastructure" such as air traffic control systems and power grids.

Many advanced hackers in the world are increasingly targeting financial institutions, particularly those involved in trading, Kellermann said. No other stock exchanges appear to be targeted at this time, law enforcement officials told the New York Times.

"We take any potential threat seriously and we are continually working to ensure that our systems operate at the highest levels of security and integrity," said Ray Pellecchia, a spokesman for NYSE Euronext, which operates the New York Stock Exchange, in a statement.

The investigation has been on-going for at least a couple of months, and several computer crimes specialists are assisting federal investigators, the New York Times reported. Although some of the evidence points to Russia, investigators don't know yet whether the perpetrators are Russian or if they are just using Russian computers as proxies.

Nasdaq had not notified customers about the breaches at the request of law enforcement to wait till Feb. 14, but decided to inform customers after the Wall Street Journal published the story, the company said.

Stock exchanges are often a tempting target. Nasdaq's information and news Web site was hacked and defaced in 1999. The London Stock Exchange was attacked repeatedly last year after switching its trading systems to Linux, according to Computerworld UK.

 
Rocket Fuel