Forgot your password?
typodupeerror
Security

The Hacking of NASDAQ 76

Posted by Unknown Lamer
from the tales-of-hacking-and-intrigue dept.
puddingebola (2036796) writes Businessweek has an account of the 2010 hacking of the NASDAQ exchange. From the article, "Intelligence and law enforcement agencies, under pressure to decipher a complex hack, struggled to provide an even moderately clear picture to policymakers. After months of work, there were still basic disagreements in different parts of government over who was behind the incident and why. 'We've seen a nation-state gain access to at least one of our stock exchanges, I'll put it that way, and it's not crystal clear what their final objective is,' says House Intelligence Committee Chairman Mike Rogers, a Republican from Michigan, who agreed to talk about the incident only in general terms because the details remain classified. 'The bad news of that equation is, I'm not sure you will really know until that final trigger is pulled. And you never want to get to that.'"
This discussion has been archived. No new comments can be posted.

The Hacking of NASDAQ

Comments Filter:
  • by Anonymous Coward on Thursday July 17, 2014 @12:49PM (#47476611)

    Would we even notice if it was hacked?

  • Security (Score:5, Insightful)

    by BitcoinBenny (3025373) on Thursday July 17, 2014 @12:56PM (#47476681)

    The security of the stock exchanges is really pretty bad. Low latency access means no firewalls and few application level checks. For the longest time people were sending ethernet raw packets...There is a perverse incentive not to properly secure exchanges because security is slow.

  • Exactly. Do your worst, black hats. The system's already rooted by Wall Street bankers.

  • by Cardoor (3488091) on Thursday July 17, 2014 @01:03PM (#47476749)
    i wonder what newly minted organization that will undoubtedly be called in to 'protect us' while stripping yet more privacy and liberties. (of course getting budgeted billions to do the job). oh wait - theyve already announced it. and it's the benevolent wisdom of the usual suspects that will save us all!
  • Re:Security (Score:5, Insightful)

    by gstoddart (321705) on Thursday July 17, 2014 @01:15PM (#47476867) Homepage

    There is a perverse incentive not to properly secure exchanges because security is slow.

    When so much profits depends on fast, direct access to skim money off the top with high frequency trading, these people do not want security.

    They want to be able to access the system directly, and security be damned.

  • That's not a perfect analogy, but it's not too far off.

    It's more like this. There's a classifieds forum which regular users can refresh once every 10 minutes. Special users with a paid subscription can refresh once per second.

    You post "Bicycle wanted, will pay up to $500" and someone else posts "Bicycle for sale, $400" then the speedy special user buys the bicycle for $400 and puts it up for sale for $500 before you or the seller can refresh (at best, when they're not doing even shadier things like spamming the forum with fake Wanted posts etc).

    Somehow this is supposed to produce value. I think it has a similar effect on the economy to either robbery or counterfeiting currency. I can see no way this produces any value.

  • by lgw (121541) on Thursday July 17, 2014 @04:37PM (#47478343) Journal

    You've got it completely backwards, is the thing. Don't worry, most people get this backwards, because they reason from "these guys must be evil" to "ahh, so it must work like this".

    It works like this. You want a bike, you don't have time to research the right price, you just hope the market price is OK:
    * Mr B posts "Bicycle wanted, will pay up to $500"
    * Mr S posts "Bicycle for sale, $600"
    * Special user says "OK, now buying bikes for $520, selling for $580"
    * You post "buying 1 bike, best price".

    You get the bike $20 cheaper. The market maker takes a risk here: that he can balance buys and sells, and not get left holding the bag when the price changes.

    But the story gets better:
    * Special user 2 says "Oh, I see you Special 1, I'm now buying bikes for $525, selling for $575, hey, $50 a bike is better than nothing.
    * Special user 1 says "Oh no you didn, Buying for $530, selling for $570"
    * Very quickly it's $550/$551.

    You get the bike for $551, $49 cheaper. I've seen this happen over the past 15 years, where the bid-ask gap shrank by that much on options. Competition is so fierce you see sub-cent pricing now: you'll get filled at $550.0001 or $549.9999 sometimes, because in very active markets these guys can make a killing with less then 1 cent profit.

    Do you see now why it adds value?

"The hottest places in Hell are reserved for those who, in times of moral crisis, preserved their neutrality." -- Dante

Working...