Nasdaq Hackers After Sensitive Inside Information, Not Trading System

A security expert said that hackers were after the insider information stored within Nasdaq OMX to use in their own trades.

The attackers who "repeatedly" breached Nasdaq OMX systems over the past year were most likely stealing insider information to use for financial trades, according to a security expert.

Nasdaq OMX confirmed Feb. 5 that its systems had been breached by hackers and malware had been found on one of its servers, but assured investors that the system that controls trades weren't affected and sensitive information stored in its Director's Desk Web portal had not been compromised.

According to Tom Kellermann, a former computer security official at the World Bank and current vice president of security awareness and government affairs at Core Security Technologies, hackers may not have been interested in the trading system at all.

The goal of hackers is to "stay in" the network as long as they can, he said. The "reality" is that there is no point to hack into the trading platform, he said. It's actually more beneficial for hackers to stay away from the trading system and to consider other applications, according to Kellermann.

"Attacking the trading system is like punching a bee hive: There's all sorts of alarms raised and lots of heat," Kellermann told eWEEK.

The criminals who infiltrated Nasdaq OMX must have been aware of the importance of these other systems, Kellermann speculated. The criminals gained access to a system containing sensitive insider information by getting into Director's Desk, which they could use in trading to make money, he said.

Director's Desk is a Nasdaq OMX subsidiary that offers Web-based tools to make it easier for boards of directors to prepare for, participate in and follow up on board meetings. Part of the service includes document-sharing tools for things like preliminary drafts of earnings reports and other key data and documents, according to its Website.

Director's Desk customers were regularly accessing the portal with confidential information, Kellermann said. "Information is power, too" he said.

Two Republican Congressmen called the attack "troubling" on Feb. 8. In a joint letter to Nasdaq OMX, House Financial Services Committee Chairman Spencer Bachus and committee member Scott Garrett asked for information about how the systems will be secured going forward. Democrat Sen. Robert Menendez also sent a letter to Securities and Exchange Commission Chairman Mary Schapiro, Attorney General Eric Holder and Homeland Security Secretary Janet Napolitano, stating that the SEC should "consider investigating the extent to which hacking can disrupt trading platforms."

"This is not terrorism or a state-sponsored attack," but clearly an attack to game the market, a form of financial fraud, Kellermann said.