Back in February, I posted a note here about a security breach that had been discovered in some computer networks owned by NASDAQ (originally, the National Association of Security Dealers Automated Quotation system). The NASDAQ Stock Market is the largest US trading platform for stocks not listed on the New York Stock Exchange [NYSE]. It is the largest screen-based trading exchange in the US, listing 2800+ issues, and the largest in the world by trading volume. It did not appear that the attack had compromised the actual NASDAQ trading system, but the total scope of the attack was still being analyzed. One system that was affected was Directors’ Desk, a sort of bulletin-board system for senior corporate managements.
According to a recent article at Reuters, it now appears that the attackers used their successful access to Directors’ Desk as a first step to facilitate snooping on corporate directors and others to obtain confidential information.
Hackers who infiltrated the Nasdaq’s computer systems last year installed malicious software that allowed them to spy on the directors of publicly held companies, according to two people familiar with an investigation into the matter.
The new details showed the cyber attack was more serious than previously thought, as Nasdaq OMX Group had said in February that there was no evidence the hackers accessed customer information.
The breach is suspected to have been part of what is sometimes called a “blended” attack: an initial target is compromised, which may not only yield some confidential information itself, but also other information that may lead to breaking into other systems. (For example, the attacker might get users’ personal information that would facilitate guessing poorly-chosen passwords.)
By infecting Directors Desk, the hackers were able to access confidential documents and the communications of board directors, said Kellermann, chief technology officer at security technology firm AirPatrol Corp.
It is still not clear exactly how long the security breach existed before it was detected, nor does anyone know exactly what information was compromised. The investigation is continuing, with the assistance of the FBI and the NSA.