Sunday, February 6, 2011

Hackers Successfully Breached Nasdaq Systems

Fortunately, this was only the Internet front-end. From the article, it seems that suspicious files were found in a service platform, which could indicate that more malwares are to be found in the systems. The article doesn't mention what services were affected and if there is a potential for these to have been disseminated to other financial platforms or institutions.

Another article has more details on this. For instance, the platform is said to be used by Fortune500 companies to exchange confidential information. Also, it seems that this went on for a year without being detected. As of now, the matter is being investigated by the FBI.

Let's get a bit creative and let's imagine what are the possible scenarios.

1. The hackers got confidential information, either allowing them to invest with the equivalent of insider information, or to sell that information to other parties.

2. The hackers were able to modify the information in transit, biasing investments, and possibly altering the way some companies did business.

3. The hackers were able to suppress certain communications.

At this point, it seems that, although the backdoor was there, nothing was done.

I bet that in the next few days, all the financial places will start internal audits of their own systems. I hope there won't be too many surprises.

By the way, the official NASDAQ OMX statement can be found here.