Nasdaq breach allowed hackers to spy on company directors


In February, the Wall Street Journal reported that hackers had gained access to the Nasdaq computer systems but the exchange said that the hackers were not able to access customer information.

However, Reuters is now reporting that the hackers were able to monitor communications among directors of publicly held companies, according to people familiar with the Nasdaq investigation, which is being conducted by the FBI and the National Security Agency.

The Nasdaq hackers attacked the Directors Desk, a web-based software program used by corporate boards to share documents and communicate with executives. By infecting Directors Desk, the hackers were able to access confidential documents and the communications of board directors, Tom Kellermann, chief technology officer at security technology firm AirPatrol, told Reuters.

Investigators have learned that hackers were able to spy on scores of directors who logged onto before the malware was removed, said Kellermann and another person familiar with the investigation who was not authorized to discuss the matter publicly.

Commenting on the Reuters report, Paul Roberts with Kaspersky Lab Security wrote: “Systems that are used to run the nation's financial systems and stock markets are considered part of the US's critical infrastructure and are frequent targets of attack.”

What’s hot on Infosecurity Magazine?