HACKING:
Cyber Attack,hacking news,Malware,NASDAQ hack,Russian hackers,zero day vulnerability,zero-day exploits
How Russian Hackers Placed "Digital Bomb" Into the NASDAQ
Cyber Attack,hacking news,Malware,NASDAQ hack,Russian hackers,zero day vulnerability,zero-day exploits
Four years ago, NASDAQ servers were compromised by Russian hackers, who were somehow able to insert a "digital bomb"
into the systems of NASDAQ stock exchange, which would have been able
to cause several damage to the computer systems in the stock market and
could bring down the entire structure of the financial system of the
United States.
Till now, identities of the hackers have not been identified by the
agencies who are investigating the whole incident from past four years.
However, it has been identified that the intruder was not a student or a
teen, but the intelligence agency of another country.
The Hackers successfully infiltrated the network of NASDAQ stock exchange with customized malware
which had ability to extract data from the systems and carry out
surveillance as well. However, a closer look at the malware indicated
that it was designed to cause widespread disruption in the NASDAQ
computer system.
MALWARE EXPLOITS TWO 0-DAY VULNERABILITIES
According to a magazine cover story, the malware that was actually used
by the hackers to infect NASDAQ servers exploited two mystery zero-day vulnerabilities.
The attack on the NASDAQ stock exchange was reported by Bloomberg Businessweek in its investigative cover story, "The Nasdaq Hack", which detailed the incidents took place at the NASDAQ leading up to the discovery of the inserted digital time bomb.
According to the magazine, it all started in October 2010, when the FBI
was monitoring the Internet traffic in the United States and noticed a
signal coming from NASDAQ, which indicated a malware infection. The most
troubling part was that the malware was actually an attack code, which
was created to cause significant damage, from another country’s foreign
intelligence agency.
In February 2011, NASDAQ stock exchange confirmed the breach to its network and notified its customers.
The feds alerted and warned NASDAQ officials, who already knew about a
compromise in their systems but had neglected to bother and inform
anyone about it. The U.S. National Security Agency (NSA) was called in
to help investigate the hack attacks against the company that runs the
NASDAQ stock market.
After a five-month investigation by the FBI, NSA, CIA and US Treasury
Department, it was uncovered that the malware used two unnamed Zero-day security flaws,
for which there were no patches existed. Rather, it is unclear that the
hackers targeted which software, and whether the hackers used these
zero-day vulnerabilities to infect NASDAQ systems or to exfiltrate data.
In fact, one of the forensic investigators described the NASDAQ servers
as “the dirty swamp,” because very few records were available that would
have revealed daily activities on the servers and helped retrace the
steps of the intruders.
"The agents found little evidence of a broader attack. What they did find were systematic security failures riddling some of the most important U.S. financial institutions. It turned out that many on the list were vulnerable to the same attack that struck Nasdaq. They were spared only because the hackers hadn't bothered to try."
Further analysis of the attacking code indicated that the malware
attacked the NASDAQ systems was similar in design to the malware written
by the Russian Federal Security Service for the purpose of spying and,
NSA agents says, had the ability to seriously disrupt the exchange's
activities.
But it is also possible that the malware which had been used belongs to
another country, Bloomberg notes. China was a primary suspect, for both
its intrinsic features and its ability to confuse an investigation.
Nasdaq spokesperson says that the malware did not reach the stock
exchange, as originally stated in the cover story headline. "The events
of four years ago, while sensationalized by Businessweek, only confirmed
what we have said historically: that none of Nasdaq's trading platforms
or engines were ever compromised, and no evidence of exfiltration
exists from directors' desks," said NASDAQ spokesman Ryan Wells.
Did this Post help you? Share your experience below.
Use the share button to let your friends know about this update.
DONATE! GO TO LINK: http://kosullaindialtd.blogspot.in/p/donate.html
Did this Post help you? Share your experience below.
Use the share button to let your friends know about this update.
WANT TO DONATE FOR SITE?
DONATE! GO TO LINK: http://kosullaindialtd.blogspot.in/p/donate.html
No comments:
Post a Comment