NASDAQ Hack Raises Critical Infrastructure Concerns

Type threatpost
Reporter Brian Donohue
Modified 2013-04-17T20:09:13


NASDAQNASDAQ OMX, owners and operators of the NASDAQ Stock Exchange, reported
this weekend that their systems had been infiltrated by unknown hackers. According
to a report in the New York
NASDAQ OMX contacted federal law enforcement officials after discovering suspicious
files in a part of their US server that is not related to trading.

NASDAQ officials have reason to believe that Directors Desk, a web-based
application serving some 5,000 users on which corporations can store and share
information, may have been affected. NASDAQ claims the suspicious files “were immediately removed and
at this point there is no evidence that any Directors Desk customer information
was accessed or acquired by hackers.”

Related Posts

Westin, Marriott, Sheraton Hotels Hit By Payment Card Malware

August 15, 2016 , 12:57 pm

Kimpton Hotels Investigating Payment Card Fraud

July 26, 2016 , 2:50 pm

Datadog Forces Password Reset Following Breach

July 11, 2016 , 3:03 pm

At the request of
the US Department of Justice, NASDAQ abstained from notifying their
customers. However, after the Wall
Street Journal
broke the story on
Saturday, NASDAQ consulted with officials and decided to send out a release confirming
the breach.

NASDAQ’s handles around 19 percent of stock trading
in the US, which places it among power companies and air-traffic control
as part of the nation’s essential infrastructure in the eyes of the government.
Any trepidation on the part of traders resulting from the breach could have
dire economic ramifications.

A NASDAQ official said, “So far, [the hackers] appear to have just been looking around.” However, investigators haven’t identified a clear motive and aren’t sure that all possible vulnerabilities in the NASDAQ’s system have been patched to prevent further breaches, the Times reported.

Like other critical infrastructure, the availability of the NASDAQ tradiing system is a top concern. That means investigators are
primarily concerned with preserving the stability and reliability of computerized
trading, while also working to ensure that investors have full faith in the system.