Hackers Attacking NASDAQ Conducted Espionage against Company BODs
According to one fresh report, computer hackers who, in 2010, struck National Association of Securities Dealers Automated Quotations (NASDAQ) the U.S Stock Exchange covertly monitored the activities of public BOD (board of directors), published CNET News dated October 21, 2011.
Reportedly, by planting spying software, the unidentified cyber-criminals managed to seize the BOD's secret documents as well as other communications via the hijacked system.
More precisely, there's proof that the hackers loaded a spying tool for conducting espionage operations against a number of directors when the latter accessed directorsdesk.com while remaining unaware about the length of time the program ran prior to spotting and eliminating it in October 2010, investigators indicate.
Essentially, during the autumn of 2010, attackers compromised the web-based Director's Desk software running at NASDAQ that different company BODs used when they exchanged financial information via marketing of the exchange, shell company Nasdaq OMX, the stock market's owner revealed on February 5, 2011. However, according to Nasdaq OMX, the compromise didn't lead to leakage of customer info, while various systems, including the trading equipments stayed undisturbed.
Moreover, remarking about the said hack, Vice-President of Research Gunter Ollman at Damballa a security company stated that given that the public info the hack accessed was sparse as also the nature which characterized the Director's Desk software, it could be said that remote attackers possibly abused security flaws in the software thus enabling them in monitoring the exchange of information-rich messages among different company directors. News.Gnom.es published this on October 22, 2011.
Ollman further stated that the hackers' mode-of-attack probably involved SQL insertion, cracking of authentication as well as session management along with website restriction failures. He added that his experience of performing penetration tests on companies listed in Fortune 500 demonstrated the above as the frequent flaws exploitable for unraveling confidential data of the aforementioned degree.
Meanwhile, Head of NSA (National Security Agency) as also American Cyber Command Keith Alexander, the U.S Military General stated that there was a continuous joint task between the NSA and NASDAQ for aiding in safeguarding the latter's network from future assaults, thus published reuters.com dated October 20, 2011.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 31-10-2011