February 6, 2011

Nasdaq hackers target corporate-board service

NEW YORK - Hackers broke into a Nasdaq service that handles confidential communications for about 300 corporations, the company said Saturday - the latest vulnerability exposed in the computer systems Wall Street depends on.

The intrusions did not affect Nasdaq's stock-trading systems, and no customer data were compromised, Nasdaq OMX Group Inc. said. Nasdaq is the largest electronic-securities-trading market in the U.S., with more than 2,800 listed companies.

A federal official said that the hackers broke into the service repeatedly over more than a year. Investigators are trying to identify the hackers, the official said. The official spoke on condition of anonymity because the inquiry by the FBI and Secret Service is continuing.


The targeted service, Directors Desk, helps companies share data with directors between scheduled board meetings. It also allows online discussions and Web conferencing within a board. Since board directors have access to information at the highest level of a company, penetrating the service could be of great value for insider trading.

Nasdaq OMX spokesman Frank DeMaria said the Justice Department had requested that the company keep silent about the intrusion until at least Feb. 14. However, the Wall Street Journal reported the investigation on its website late Friday, prompting Nasdaq to issue a statement and notify its customers.

DeMaria said Nasdaq OMX detected "suspicious files" during a regular security scan on U.S. servers unrelated to its trading systems and determined that Directors Desk was potentially affected. It pulled in forensic firms and federal law enforcement for an investigation. They found no evidence that customer information was accessed by hackers.

Rich Mogull, an analyst and CEO with the security-research firm Securosis, said Web-accessible services like Directors Desk are a prime target for hackers, and have sometimes been a back door for systems that aren't directly connected to the Web. The presence of files on the Directors Desk system and the claim that no customer information was compromised could indicate that hackers were able to get in but not complete their attack, he said.

Computer-security experts have long warned that many companies aren't doing enough to protect sensitive data, and recent events have underlined the point. The secret-spilling organization WikiLeaks has published confidential documents from banks in Switzerland and Iceland and claims to have incriminating files from a major U.S. bank, possibly Bank of America.

In 1999, hackers infiltrated the websites of Nasdaq and the American Stock Exchange leaving taunting messages, but Nasdaq officials said then that there was no evidence the break-ins affected financial data.

by Peter Svensson Associated Press Feb. 6, 2011 12:00 AM




Nasdaq hackers target corporate-board service

1 comment:

  1. The World Protection Group ensures the safety of VIPs. We are specialized in Executive Protection, Corporate Security, Personal Protection, VIP Protection etc Corporate Security

    ReplyDelete

Mashable!

Crave: The Gadget Blog

PCWorld Latest Technology News

CNET TV: Laptops

Blog Archive

Recent Comments