In October 2010, the FBI determined that malware, most likely from an intelligence agency of another country, had snuck into the Nasdaq’s central servers.
The following facts are the most shocking:
- Several different groups, including criminal hackers and Chinese cyberspies, were operating freely on Nasdaq computers, and some of them may have been in the exchange’s networks for years.
- Basic records of the daily activity occurring on the company’s servers, which would have helped investigators trace the hackers’ movements, were almost nonexistent.
- The website run by One Liberty Plaza’s building management company had been laced with a Russian-made exploit kit known as Blackhole, infecting tenants who visited the page to pay bills or do other maintenance.
- The situation was so bad that one investigator referred to Nasdaq’s computer banks as “the dirty swamp.”
- There were indications that a large cache of data was stolen, though proof was scarce, and it was hard to see what was spirited out.
- A subsequent investigation showed systematic security failures riddling some of the most important U.S. financial institutions.
- Many of them were vulnerable to the same attack that struck Nasdaq. They were spared only because the hackers hadn’t bothered to try.
- By mid-2011, investigators began to conclude that the Russians weren’t trying to sabotage Nasdaq. They wanted to clone it, either to incorporate its technology directly into their exchange or as a model to learn from.
- Almost four years after the initial Nasdaq intrusion, U.S. officials are still sorting out what happened.
The bottom line is that companies still seem to be behind the curve in terms of protecting themselves from threats like these. Recently, a hedge fund was infiltrated and its trading algorithms were slowed intentionally to make them ineffective. Hackers are getting as smart as the coders they target; oftentimes they are even smarter. And their motives vary, making an effective security policy almost impossible to put in place.