Nasdaq Server Breach: 3 Expected Findings

  /     /     /  
Publicated : 22/11/2024   Category : security


Nasdaq Server Breach: 3 Expected Findings


While federal investigators remain quiet about the ongoing investigation, experts say that the Directors Desk data breach is even worse than thought.



Remember the Nasdaq breach? Its worse than previously thought.
Last week, two experts with knowledge of Nasdaq OMX Groups internal investigation said that while attackers hadnt directly attacked trading servers, they had installed malware on sensitive systems, which enabled them to spy on dozens of company directors. God knows exactly what they have done. The long-term impact of such [an] attack is still unknown, cyber security expert Tom Kellermann, CTO of AirPatrol,
told Reuters
, which reported the experts findings.
In February 2011, Nasdaq OMX Group had confirmed that its
servers had been breached
, and suspicious files found on servers associated with Directors Desk, which is a Web-based collaboration and communications tool for senior executives and board members to share confidential information. The product has about 10,000 users, according to the companys website.
[From Wall Street to military contractors, hackers have been busy this year. Read
Anonymous Threatens New York Stock Exchange Attack
.]
At the time, Nasdaq said that it had discovered the attack in October 2010, immediately removed the suspicious files, and launched an investigation, saying at this point there is no evidence that any Directors Desk customer information was accessed or acquired by hackers. But it wasnt clear how long the malicious files may have resided on Nasdaqs systems. Indeed, based on past breaches, many businesses
fail to spot
when theyve been hacked, at least right away.
Interestingly, Nasdaq didnt immediately
inform customers about the breach
, after the FBI--which is investigating the matter, together with the National Security Agency--asked it to delay doing so, so as to not impede its investigation. Furthermore, because of that investigation, Nasdaq hasnt publicly released many details about the attack. But based on recent news reports, as well as likely attack scenarios, well likely see these three findings:
1. Web application flaws were exploited.
The most popular technique for compromising a Web-based application is to
exploit well-known weaknesses
in the Web application itself. Gaining remote access to confidential data held within the Directors Desk application could have been through SQL injection, broken authentication and session management, and URL restriction failures, said Gunter Ollman, VP of research at network security vendor Damballa, via email. In my years of running penetration tests against Fortune 500 companies, these were the most common vulnerabilities that could be exploited to reveal this level of confidential data.
2. Virtual insider trading occurred.
If you were a hacker with access to the sensitive communications of senior executives at some of the worlds biggest companies, seeing earnings results before they were publicly announced, what would you do? No doubt, seek to profit from the information. Expect to see
virtual insider trading
having occurred.
3. Directors Desk served as attack platform.
With access to Directors Desk, attackers may not just have listened in, but also attempted to actively impersonate executives, if not for market-moving purposes then at least to launch
spear-phishing attacks
. With the ability to impersonate other directors--e.g. uploading communications pretending to be from another director--the attacker could modify content to include malware designed to infect individual company directors, said Ollman. If successful, this would have extended attackers reach well beyond Directors Desk, thereby allowing the attackers direct access to the systems that the company directors use on a daily basis within their own companies, he said. In fact, some of those infections might still be active.

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Nasdaq Server Breach: 3 Expected Findings