Nasdaq attackers spied on companies

The systems of the company that operates the Nasdaq Stock Market were breached many times last year, but the actual trading platform was never compromised.

A subsequent investigation into the matter lead by the FBI and the National Security Agency at first couldn’t discover what exactly the intruders were searching for, and since no evidence of tampering was unearthed, the theory was that they were simply reconnoitering the systems for future attacks that will be more to the point.

But now, sources familiar with the investigation have come forward and revealed that the hackers did more than just scouting – they have actually installed malicious software that allowed them to spy on communications between executives and board members of publicly held companies and peek into documents exchanged via Directors Desk, a Web-based management suite for Boards of Directors.

According to Reuters, it is still unknown for how long they were able to do that before the compromise was discovered and the spyware removed. Consequently, it is also unknown what information the attackers have managed to get their hands on and how it was misused.

As Nasdaq CEO Robert Greifeld previously admitted, the Exchange is constantly under cyber attacks and the company is always vigilant and spends almost a billion dollars per year on defending it.

If that’s true, it really is a sobering realization that in spite of all of that attackers still managed to breach the systems and keep the compromise secret for who knows how long.