Exclusive: Nasdaq hackers spied on company boards

Thu Oct 20, 2011 7:31pm EDT

The Nasdaq Composite stock market index is seen inside their studios at Times Square in New York in this file image from April 1, 2011.  REUTERS/Shannon Stapleton

(Reuters) - Hackers who infiltrated the Nasdaq's computer systems last year installed malicious software that allowed them to spy on the directors of publicly held companies, according to two people familiar with an investigation into the matter.

The new details showed the cyber attack was more serious than previously thought, as Nasdaq OMX Group had said in February that there was no evidence the hackers accessed customer information.

It was not known what information the hackers might have stolen. The investigation into the attack, involving the FBI and National Security Agency, is ongoing.

"God knows exactly what they have done. The long term impact of such attack is still unknown," said Tom Kellermann, a well-known cyber security expert with years of experience protecting central banks and other high-profile financial institutions from attack.

The case is an example of a "blended attack," where elite hackers infiltrate one target to facilitate access to another. In March hackers stole digital security keys from EMC Corp's RSA Security division that they later used to breach the networks of defense contractor Lockheed Martin Corp.

Nasdaq had previously said that its trading platforms were not compromised by the hackers, but they attacked a Web-based software program called Directors Desk, used by corporate boards to share documents and communicate with executives, among other things.

By infecting Directors Desk, the hackers were able to access confidential documents and the communications of board directors, said Kellermann, chief technology officer at security technology firm AirPatrol Corp.

Investigators have learned that hackers were able to spy on "scores" of directors who logged onto directorsdesk.com before the malicious software was removed, said Kellermann and another person familiar with the investigation who was not authorized to discuss the matter publicly.

It was still unclear how long Nasdaq's system was breached before the attack was discovered last October.

A Nasdaq spokesman confirmed the investigation into the attack continues, but declined to give further details.

NSA HELPS NASDAQ

Executive Assistant FBI Director Shawn Henry said the financial services sector was losing hundreds of millions of dollars to hackers every year, and the attacks were increasingly "destructive" in nature.

"We know adversaries have full unfettered access to certain networks. Once there they have the ability to destroy data," he told Reuters in a phone interview. "We see that as a credible threat to all sectors, but specifically the financial services sector." Henry declined to comment on the Nasdaq attack.

U.S. Army General Keith Alexander, head of the National Security Agency and U.S. Cyber Command, said the NSA was working with Nasdaq to help protect its network against further attacks.

Alexander told security experts at a Baltimore conference that the United States was shoring up its defenses, but still had "tremendous vulnerabilities" to a growing number of increasingly destructive electronic attacks.

"Nation states, non-nation state actors and hacker groups are creating tools that are increasingly more persistent and threatening, and we have to be ready for that," he said.

Amid a spate of high-profile cyber crimes, the Obama administration wants Congress to pass comprehensive cyber-security legislation that would increase the government's ability to thwart the growing threat.

Alexander and other top officials held a classified meeting with lawmakers on Wednesday and Thursday to discuss the issue, according to sources familiar with the meeting.

Nasdaq CEO Robert Greifeld said in July that the exchange is under constant attack, requiring it to spend nearly a billion dollars a year on information security.

"As we sit here, there are people trying to slam into our system every day," Greifeld said in the interview. "So we have to be ever vigilant against an ever-changing foe."

(Reporting by Jim Finkle. Additional reporting by Jonathan Spicer in New York, Andrea Shalal-Esa in Baltimore and Diane Bartz in Washington. Editing by Tim Dobbyn, Tiffany Wu, and Bob Burgdorfer)

Comments (6)
libertadormg wrote:
Scary!

Oct 20, 2011 8:50pm EDT
edgyinchina wrote:
Probably Fox News… they belong to Murdoch

Oct 20, 2011 10:05pm EDT
diluded0000 wrote:
After running Wireshark to look at the raw data moving between the computers in my house, I noticed a Chinese word kept going around between my computers. Worried that Chinese nationals were hacked into my system, like likely happened to these NASDAQ companies, I looked up the word. Turns out it is the name of the Chinese company that programmed the chip that controls all my internet traffic. Think about that.

Not to sound like a total protectionist, but I hope any cyber-security legislation comprehends the risk presented by letting companies outside the USA have unfettered access to, and in some cases actually design, the internals of systems that are critical to national security. If someone adds a rogue cell library to an ASIC, or creates a well hidden firmware trojan, it is nearly impossible to detect. You need some serious safeguards for critical hardware development.

But what will really happen is the special interest in Hollywood will write security legislation that will trash every American’s privacy rights to protect their digital movies, and make us pay for it ourselves.

Oct 20, 2011 11:16pm EDT