Nasdaq stock exchange reveals repeated security breaches

HACKERS MANAGED TO INFILTRATE some systems at the Nasdaq stock exchange in 2010, and US federal investigators are none the wiser as to who was conducting the attacks.

The US based Nasdaq stock exchange that lists many technology firms fell victim to hackers with repeated attacks succeeding in breaching security defences. At present the Wall Street Journal claims that Nasdaq's trading platform wasn't compromised, but the FBI is still trying to identify who conducted the attacks and what their motives were.

While investigators are aware of intrusions into Nasdaq's network, they are unsure whether all the security vulnerabilities have been patched. At present the authorities claim that no actual damage was done, with the hackers merely looking around the network.

The Nasdaq isn't the only stock exchange being targeted, with the London Stock Exchange (LSE) having revealed that it had also fallen victim to hackers. Like the Nasdaq attacks, the LSE is currently trying to locate the source of the attacks. Uri Rivner, head of new technologies at RSA Security has speculated that the attacks might even have been an inside job.

Stock exchanges such as the Nasdaq and LSE have to maintain user confidence in the integrity of their trading systems. Ray Pellicchia, a spokesman for NYSE Euronext, the operator of the New York Stock Exchange (NYSE) said, "We take any potential threat seriously and we are continually working to ensure that our systems operate at the highest levels of security and integrity."

News of the Nasdaq network breach not only got the US Secret Service involved but the White House was also informed. Stock exchanges such as the Nasdaq and the NYSE are classed as vital infrastructure to the US, and any manipulation could severely disrupt the US economy.

Attacks on stock exchanges fall under the umbrella of 'cyber espionage' with other targets including utilities such as gas, electricity and water and defence firms. Last week British Foreign Secretary William Hague told a conference in Germany that the UK was under cyber attack, however finding those who perpetrate such attacks is notoriously difficult.

Given that investor confidence would be destroyed if a stock exchange were to reveal manipulation through computer security vulnerabilities, it is likely that the exchange operators would be very keen to keep news of a breach quiet. Even though the Nasdaq claims that hackers only poked around its network, the notion that attackers got any access at all might be enough to spook some investors.

The problem for law enforcement authorities is that they might find it hard to distinguish hackers from the faceless investment banksters who manipulate the stock markets over the Internet on a daily basis. µ