Nasdaq System Compromised By Hackers


Computer hackers have breached the systems of the company that runs the Nasdaq stock exchange in New York but did not penetrate the part of the system that handles trades, Nasdaq said Saturday.

The exchange’s operating company, Nasdaq OMX, said in a statement that it had discovered suspicious files on its United States servers, and that it immediately began conducting an investigation in conjunction with outside firms and federal law enforcement agencies.

Government and law enforcement officials with knowledge of the investigation said it was being handled by the F.B.I.’s cybercrimes branch along with the Justice Department. These officials also said it appeared that the trading platform was not breached.

An attack on banks and other pillars the financial system has long been a top fear of government officials because of the potential for harm to the economy.

Nasdaq is one of the country’s largest stock exchanges, and many of the nation’s most important companies use it to list their shares for trading. If there were evidence that hackers could breach the inner trading systems, it could cause jitters among the companies listed on the exchange and the traders and investors who buy and sell millions of shares each day.

But Nasdaq and market experts said there was an important distinction between the parts of the system that are connected to the Web, and thus more vulnerable, and the architecture for the trading platform, which Nasdaq says operates independently.

The company said it had determined that a Web-based application on its servers called Directors Desk, on which corporations can store and share information, might have been affected. Nasdaq said the suspicious files “were immediately removed and at this point there is no evidence that any Directors Desk customer information was accessed or acquired by hackers.”

“At no point was any of Nasdaq OMX’s operated or serviced trading platforms compromised,” the company said.

The company’s Web site says Directors Desk has 5,000 users.

A spokesman for the company said it discovered the suspicious files late last year.

The fact that investigators discovered suspicious files suggests that the breach involved the installation of malicious software, or malware, said Ed Stroz, a former FBI agent who is co-president of Stroz Friedberg, a firm that investigates cyberattacks.

In attacks on companies, Mr. Stroz said, hackers often plant malware that acts as a back door, which allows them to deliver other malicious programs to do other tasks, which could include copying sensitive data and delivering it to the intruder.

Malware could have been installed any number of ways, including with an attack through the Web interface of Directors Desk or by infiltrating an executive’s computer by tricking him into opening an attachment or clicking on a link to a malicious Web page in an e-mail.

Nasdaq now handles about 19 percent of stock trading in the United States, compared with 27 percent by the larger New York Stock Exchange and its electronic trading arm.

In a statement, the New York Stock Exchange said: “We take any potential threat seriously and we continue working at the highest levels of security and integrity.” The N.Y.S.E. would not say whether there had been any attempts to breach its systems or whether it had been contacted by federal investigators.

News of the breach was originally reported in The Wall Street Journal.

Nasdaq said it had refrained from notifying its customers of the breach at the request of the Justice Department, “in order to facilitate the continuing investigation,” but that when the Journal article appeared it consulted with authorities and decided to send out notice.

The Journal article said the investigation showed some evidence pointing toward Russia. One government official said investigators were specifically looking into that possibility, although the official said, “I don’t know what the basis for the belief is.”

The stock exchanges and the trading that takes place on them have become increasingly computerized, potentially making them more vulnerable to manipulation or attack. Like Nasdaq, the N.Y.S.E. has also adopted more electronic trading. And in the last five years or so, other electronic exchanges like Direct Edge and BATS Exchange have arisen, intent on prying trading away from the two bigger markets. Direct Edge and BATS each handle about 10 percent of the market.

A spokesman for the BATS Exchange said it had never had any hacking issue of this kind.

A spokesman for Direct Edge, Rafi Reguer, said it was continually monitoring its systems but was not aware of any serious attempt to penetrate its computers.

(Source: NY Times)