THE CYBER ATTACK on the Nasdaq OMX Group electronic stock exchange last year was caused by weak security that let the hackers right in.
A report at Reuters says that lax security practices opened up the door to hacking. However, while the US Federal Bureau of Investigation (FBI) is still making enquiries, sources have come forward with their view of what happened.
These sources, who did not want to be identified, are concerned that since the data is classified they might get in trouble for talking about it. Which, when you consider that the FBI is alreadly involved, is possibly reasonable.
For now the FBI is contenting itself with looking at the Nasdaq Directors Desk software, which is where the breach occurred, and trying to work out how it happened.
According to Reuters the rest of the Nasdaq OMX Group's technology architecture is looking pretty good, except where it actually isn't any good.
Four sources told Reuters that FBI investigators have found computers with out of date software on them, missing security patches and misconfigured firewalls. This sort of thing might be excusable at home, but not at Nasdaq.
"This was easy pickings," said one of the sources. "You would have thought they would be like a cyber Fort Knox, but that wasn't the case at all."
However, this was denied by Nasdaq itself, and Carl-Magnus Hallberg, SVP of information technology services for Nasdaq OMX Group, told Reuters that such talk was really rather mean.
"This was a sophisticated attack," he insisted. µ
Problematic password protection provision, probably
Let’s see the flaws on the doors
Clever chips and smart silicone
Will the real Satoshi Nakamoto please stand up?