Nasdaq hackers gathered listed companies' secrets

[InfoSec News <alerts () infosecnews org>]

http://www.smh.com.au/it-pro/security-it/nasdaq-hackers-gathered-listed-companies-secrets-20111021-1mb7u.html

By Jim Finkle
The Sydney Morning Herald
October 21, 2011

Hackers used the stock exchange's DirectorDesk app to spy on others.

Hackers who infiltrated the Nasdaq's computer systems installed 
malicious software on the exchange's computers that allowed them to spy 
on scores of directors of publicly held companies, according to two 
people familiar with an investigation into the matter.

The emerging details further highlight the increasing threat hackers 
pose to corporations with a rash of highly sophisticated attacks on 
high-profile companies and financial institutions from Googl, to 
Citigroup and the International Monetary Fund.

Nasdaq OMX Group disclosed in February that its system were hacked last 
year. That sparked an investigation involving the FBI and the US 
National Security Agency that is ongoing. Advertisement: Story continues 
below

The attack on Nasdaq is an example of a "blended attack," where hackers 
infiltrate one target in order to facilitate access to another. In March 
hackers stole digital security keys from EMC's RSA Security division 
that they later used to access the networks of defense contractor 
Lockheed Martin.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn