4 Min Read
By Edward Krudy
NEW YORK, Feb 14 (Reuters) - Websites of exchange operators Nasdaq and BATS have been attacked by hackers over the last 24 hours, causing ongoing disruptions to the sites, but trading on the exchanges was not affected, spokespersons for the companies said on Tuesday.
Only the banner carrying the logo at the top of the web page for www.nasdaq.com was visible during repeated attempts to access Nasdaq's site on Tuesday afternoon.
A Nasdaq OMX Group spokesman confirmed that it had been suffering a denial-of-service attack (DOS) since late on Monday but said they had not located the origin of the attack and were unable to say when it would be resolved.
Another site, www.nasdaqtrader.com, was also affected.
"The website wasn't hacked, nobody got any information. What they did was try to block access for our users," said Nasdaq spokesman Joseph Christinat.
The Nasdaq's websites are separate from their trading systems and Christinat said the breach had not affected trading in any way.
"We experienced intermittent service disruptions on our corporate website and we are working to resolve the issues," he said.
Similarly, a BATS spokesperson said the company was affected by a denial of service incident. "Our trading systems were not affected and there were no exchange customer disruptions associated with the incident," the exchange said in a statement.
The Nasdaq and the New York Stock Exchange have been the victims of attacks in the past. Hackers who infiltrated the Nasdaq's computer systems in 2010 installed malicious software that allowed them to spy on the directors of publicly held companies, Reuters reported last year.
Keynote Systems, a mobile and Internet cloud monitoring company based in San Mateo, California, said tests from monitoring agents in four global locations in London, New York, San Francisco and Frankfurt all reported negative results when trying to access the Nasdaq website late on Tuesday afternoon.
"All four of those locations failed and returned a connection error," said Aaron Rudger, web performance marketing manager at Keynote. "To the extent that all four of these locations are not able to make connections it does mean that the website itself is fundamentally crippled."
A single test for the BATS website indicated that Frankfurt was the only location that was failing, but Rudger said further tests were needed to confirm the result.
A federal investigation into the 2010 cyber attack on Nasdaq found lax security practices, according to people with knowledge of the probe.
The top executive of the Nasdaq exchange operator said last year it has to be ever-vigilant against hackers and would spend more on security because of the threat.
Last October, the NYSE's website was inaccessible for 30 minutes, according to an Internet monitoring company, but the exchange said there was no interruption of service.
The incident followed a video posted on YouTube, which claimed to be from the activist hacker group Anonymous.
It said the NYSE website would be "erased from the Internet" in sympathy with the then-ongoing "Occupy Wall Street" protests in Lower Manhattan.
Neither the origin of the attack nor the video could be verified by Reuters on that occasion.
Spokesmen for the New York Stock Exchange and U.S. exchange DirectEdge said their websites had not experienced any attacks on Tuesday.
A director at the CME Group said he was not aware of any problems with its site.