NASDAQ out of date software helped hackers – report

NASDAQ out of date software helped hackers – report

Stock exchange had failed to apply some security patches

Article comments

NASDAQ’s ageing software and out of date security patches played a key part in the stock exchange being hacked last year, according to the reported preliminary results of an FBI investigation.

Forensic investigators found some PCs and servers with out-of-date software and uninstalled security patches, Reuters reported, including Microsoft Windows Server 2003. The stock exchange had also incorrectly configured some of its firewalls.

NASDAQ, which prides itself on running some of the fastest client-facing systems in the financial world, does have a generally sound PC and network architecture, the FBI reportedly found.

But sources close to the investigation told Reuters that NASDAQ had been an “easy target” because of the specific security problems found. Investigators had apparently expressed surprise that the stock exchange had not been more vigilant.

"You would have thought they [NASDAQ] would be like a cyber Fort Knox, but that wasn't the case at all," said one source, referencing the importance of the stock exchange to the global financial system.

The ongoing probe is examining NASDAQ’s Directors Desk software, which was breached. The software is used by company directors to share data for project collaboration.

NASDAQ’s vice president of IT services, Carl-Magnus Hallberg, said the hack had been “sophisticated” and used malware that was not well known.

The stock exchange did not provide further comment on the report, and the FBI had not responded to inquiries at the time of writing.

NASDAQ has invested heavily in IT security – including in advanced monitoring, encryption and system segmentation – and is understood to argue that a substantial increase in the number of Directors Desk customers demonstrates the market’s confidence in the product.

Executives at the stock exchange are understood to dispute some of the Reuters report. NASDAQ and the media company’s parent, Thomson Reuters, are data competitors.

The FBI investigation continues.

Now read: Nasdaq hack brings security issues into the boardroom

Share:

Comments

  • Daniel No this is why you install security updates An update thats not security-related might break things
  • Mag This is why you update your software You would think that NASDAQ would make sure that their software is update considering how important the stock exchange is
Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *