Nasdaq Outage Could Be the Work of Hackers, Experts Say

DDOS attack, security breach, technical glitch, or human error?

  Nasdaq trading disrupted
On Thursday, the Nasdaq stock exchange suffered a serious outage that lasted for over three hours. The organization hasn’t provided any details regarding the causes of the incident, but many experts say this could be the work of hackers, especially since it wouldn’t be the first time a stock exchange is hit by cybercriminals.

On Thursday, the Nasdaq stock exchange suffered a serious outage that lasted for over three hours. The organization hasn’t provided any details regarding the causes of the incident, but many experts say this could be the work of hackers, especially since it wouldn’t be the first time a stock exchange is hit by cybercriminals.

Of course, the outage could have been caused by a technical glitch or human error, but a hack attack cannot be ruled out.

Gartner analyst Avivah Litan has told USA Today that this could have been a distributed denial-of-service (DDOS) attack, possibly launched by Izz ad-Din al-Qassam Cyber Fighters, who are known for targeting United States financial institutions.

“It's a very attractive target. It's very visible, and that's what these Iranian state attacks are all about, making a political statement by disrupting a visible website,” Litan said.

There are other indications that this might be the work of hacktivists or cybercriminals. The outage comes shortly after brokerage house Goldman Sachs reported a glitch that impacted trading.

“Well, so far this week there's been a computer error that caused Goldman Sachs to sell options for a dollar, and now this,” Sean Sullivan of IT security firm F-Secure told USA Today.

Sullivan highlights the fact that Nasdaq has recently suffered a data breach. Usernames, emails, and passwords were compromised at the time, but other than that, no details have been made public. 

The expert suggests that the breached Nasdaq community forum could have been utilized in a watering hole attack, similar to iPhoneDevSDK. The iPhoneDevSDK watering hole attack ultimately led to Apple being breached.

“Imagine the havoc which might be caused moving laterally across NASDAQ traders' computers,” Sullivan said.

As security expert Graham Cluley emphasizes, this wouldn’t be the first time a stock exchange is disrupted by cybercriminals.

In 2011, Nasdaq suffered a serious breach.

Two years ago, the Hong Kong stock exchange was hit by a DDOS attack, and in 2006 the Russian stock exchange suspended trading due to a virus.

“Is this latest problem at NASDAQ the work of hackers? At the moment, we simply don’t know. The outage could have been the result of sloppy programming, computer error or some other technical fault – or it may be the case that malicious hackers had a hand in the proceedings,” Cluley noted.

“One thing’s for certain. There are hackers out there with a vested interest in manipulating stock prices for financial gain or disrupting and sabotaging the United States economy.”

Comments