Slashdot Mirror

← Back to Stories (view on slashdot.org)

Computer Virus Fells Russian Stock Exchange

Posted by Zonk on from the doesn't-pick-up-after-itself dept.

azav wrote to mention the New Scientist story detailing the computer virus that brought down the Russian Stock Exchange. From the article: "As the world waited for one computer virus to strike on Friday, another wriggled its way into the Russian stock exchange and knocked it offline. Computer experts had warned that 3 February could bring gloom for many as a computer virus called Nyxem was scheduled to start deleting files on machines it had infected."

23 of 133 comments (clear)

  1. stupid... by advocate_one · · Score: 4, Interesting

    we have a testing machine... connected to the internet of all things... AND connected to the same network the production system is running on... and evidently it's running on ms-windows...

    --
    Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
    1. Re:stupid... by putko · · Score: 3, Insightful

      Standard practice at banks is two physically separated networks -- production & test.

      I don't know why the exchange would be any different.

      But things at banks and exchanges are very ninja-rigged. E.g. build an automated trading client that sumits multiple trades a second and the exchange is likely to ask you to do some rate-limiting -- their systems won't be able to handle it.

      --
      http://www.thebricktestament.com/the_law/when_to_s tone_your_children/dt21_18a.html
  2. Wargames by digital-madman · · Score: 4, Funny

    Virus? I wanted to play Global Thermonuclear War....

    --
    A bullet sounds the same in every language. So stick a fucking sock in it...
  3. Russia has a stock exchange? by heatdeath · · Score: 4, Funny

    And they use computers? This is excellent news!

    --
    I'm sorry. The number you have reached is imaginary. Please rotate your phone 90 degrees and try again.
    1. Re:Russia has a stock exchange? by cgenman · · Score: 2, Funny

      And it runs Windows?

      Why have I been wasting my life working? Excuse me for 10 minutes while I write a very small shell script...

      --
      The ______ Agenda
  4. the obvious response by know1 · · Score: 4, Insightful

    i know there will be people saying "oh my, running windows, sucks to be you" but if you look past the trollishness of these posts they actually have a point in this case. running windows as anything mission critical is stupid, it's a desktop system at heart, and an unstable one at that. running the bloody stock exchange on it is suicidal. theres always some dick who opens that dodgy email, so if your net is that important run the mission critical servers at least on some flavour of unix

    1. Re:the obvious response by Herschel+Cohen · · Score: 2, Insightful
      You are assuming that they are running Windows based only upon the breakin seems to fit the pattern. However, nowhere could I find any reference to the OS employed. Did I miss it?

      Other OSs are not immune to security breaches. Moreover, I am surprised any securities trading firm would use anything other than a Unix like OS. Hence, if Windows were really used it would be a significant portion of the story that was neglected, i.e.: "how did it get there?".

      Does anyone know with certainty that Windows (whatever name) was the OS used in this instance?

  5. But Russia has good hackers... by caluml · · Score: 3, Interesting

    This is ironic, as Russia has arguably some of the best computer security experts in the world. Those that know how to exploit the holes can also advise how to secure against threats. I wonder if it's due to talented Russians leaving the country to work abroad?

    --
    Get your own free personal location tracker
    1. Re:But Russia has good hackers... by szlevente · · Score: 2, Insightful

      Not necessarily. Having the best security experts does not mean that they are also going to be hired as consultants for the stock exchange. Such juicy positions usually go to those having the best connections, not the best expertise.

  6. You let M$ near your cash? by AHuxley · · Score: 5, Insightful
    Why connect a consumer operating system to any part of a financial hub?
    Did someone want to play a game?
    Download a funny clip?

    Did you learn nothing from the cold war?
    http://it.slashdot.org/article.pl?sid=04/03/02/071 9247

    M$ is the Trojan horse, you add it to your systems and anyone can just walk in.

    --
    Domestic spying is now "Benign Information Gathering"
    1. Re:You let M$ near your cash? by benjamindees · · Score: 4, Interesting

      the CIA, backed by President Ronald Reagan, aimed to bring down the Russian economy with dodgy software.

      too.. many.. jokes...

      --
      "I assumed blithely that there were no elves out there in the darkness"
  7. Re:What stock exchange? by ktulu182 · · Score: 5, Informative

    Are you living in a cave? Russian stock market almost doubled last year. It was the most profitable stock market in the world in 2005.

  8. Re:Name typo? No, it's intentional by noliver · · Score: 2, Interesting

    Actually, it's an intentional change. A washington post article posted on /. a few hours ago explains:

    [The choice of the name Blackworm] runs counter to the naming conventions of the anti-virus community, which generally goes out of its way to bastardize the name it thinks the virus or worm author would like its creation to have. (For example, "Nyxem" was derived by transposing the letters "m" and "x" in "Nymex," which is the common shorthand term for the New York Mercantile Exchange, the worm's original target.)

  9. Re:Ah, but they didn't say.... by TIMxPx · · Score: 3, Funny

    It's four 286s and an Apple IIe in Vlad Putin's cousin's basement.

    --
    There are 10 kinds of people in the world: That averages about 660,000,000 of each kind.
  10. Re:I have a really hard time understanding... by masklinn · · Score: 4, Insightful

    I'm not defending Microsoft, I'm merely saying that this kind of behaviour is childish, stupid and unproductive.

    If you want to attack Microsoft, do it while still respecting what shall be respected (the name of the company), attack them on their security record, on their monopolistic behaviour, on their lobbying methods, on the personality or missteps of their leaders, that's fair game, and that's sometimes productive and at least somewhat interresting.

    Oh, and everyone deserves to be defended btw, no matter who one is or what one did, one deserves a fair trial.

    --
    "The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
  11. Obligatory... by David+Horn · · Score: 3, Funny

    In Russia, stock exchange fells you!

    --
    PocketGamer.org - For the gamer on the go!
  12. Groupthink (was: the obvious response?) by Gary+W.+Longsine · · Score: 4, Interesting
    running windows as anything mission critical is stupid, it's a desktop system at heart, and an unstable one at that. running the bloody stock exchange on it is suicidal.
    Although that might be a reasonable and rational statement on the surface, the fact is that Windows systems are now at the heart of critical systems everywhere. Although I'm surprised to see them playing such a critical roll in a stock exchange, I'm only a little tiny bit surprised, and mostly ashamed of my own instinctive reaction.

    When these decisions are being made, you may feel as though you're stuck in a slow-motion sequence in a horror film, leaping to save someone, someone very beautiful that you could care about deeply if only you knew them a little better, someone who doesn't deserve to be eaten alive by a vicious monster, or maybe they do, but you just don't know it, anyway you don't know it and you didn't thnk of that until later, much later, after years of therapy in fact, all the while, leaping in futile slow motion to save a fatefully doomed monster victim, certain of their inevitable doom, crying "Nooooooo!" at the top of your lungs to no avail, due to the slow-motion and your voice having been run through an under-water pitch-reducing distortion filter. Yet another heroine devoured by the monster, just out of arms reach... You think to yourself, "If only... If only... If only I hadn't been stuck on slow motion..." when suddenly realize you're not alone, and you're thinking out loud, reliving the nightmare.

    At this point a friend interrupts your navel gazing to say, "The monster would have eaten you too. Don't feel so guilty." whereas the cliche movie therapist would say, "How does that make you feel?" If you hear the former response, you're probably in meatspace, the latter, and you're still either dreaming or you really are a character in a horror film, and the monster is about to come crashing up through the floor or in through the window and eat your therapist.

    Windows systems can be found:

    • running U.S. Navy warships
    • running medical imaging, monitoring, and other life-critical devices
    • running train control systems
    • running nuclear power plants
    • running ATM networks and other aspects of the banking system

    Although it might be true that no rational and informed person would set up such critical systems on a system with the stability and security track record of Windows, remember that such decisions are typically made by a bureaucracy, not by rational and informed individuals. The field of psychology has studied this phenomenon and call it "groupthink".

    Groupthink
    Wikipedia on Groupthink
    A First Look at Communication Theory (Ch. 18, 3rd Edition)

    --
    If you mod me down, I shall become more powerful than you could possibly imagine.
    1. Re:Groupthink (was: the obvious response?) by SgtChaireBourne · · Score: 3, Interesting
      Regarding the US Navy warships,

      1. Newport News Shipbuilding is awarded a contract for the first of the new "Ronald Reagan" class of aircraft carriers.

      2. Bill Gates gets out his check book and instantly becomes the second largest stockholder (owner) in Newport News Shipbuilding.

      3. Newport News Shipbuilding selects Microsoft to develop the warfare systems. Microsoft, a company with no experience in warfare systems, and a reputation for unstable, insecure software, will base the Ronald Reagan's warfare systems on an unproven operating system with 63,000 known bugs . . err, oops, I meant "points of focus" - Windows 2000.

      4. Press releases were sent out assuring us Bill Gates' huge investment had nothing to do with the decision. So see there, Doreen - what we did last month had nothing to do with your pregnancy - it's right here in my press release.

      5. Once Newport News is in too deep to bail out, Bill Gates will be free to sell his stock holdings and use the money to make sure some other company makes the "right" decision.

      -- http://www.aaxnet.com/news/M000714.html

      group think is definitely a factor, but there is also Chairman Gates' investments to think of .

      Along the same lines, back before The Register got all soft on Gates, the posted his major purchase. Actually it was made by his investment firm, such firms being almost textbook examples of group think, it was the deciding piece in realizing the US would soon enter protracted war. Such stocks are only 'undervalued' if prolonged war is planned. It's not like a shipyard can just squeeze out a carrier or two per quarter.

      --
      Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
    2. Re:Groupthink (was: the obvious response?) by Gary+W.+Longsine · · Score: 2, Informative

      Agreed, in general they tend to work very well. Like the Space Shuttle -- which doesn't involve Windows so the example may allow you to see past the particulars of this incident, to my point.

      Note that one of the groupthink articles I mentioned discusses a Space Shuttle accident (Windows not implicated). A characteristic of that event was that there were plenty of warning signs that were ignored, "hey maybe it's not such a good idea to have a jet of burning gas flaming out of the joints of the solid rocket boosters and pointed at the hydrogen tank". It seems obvious in retrospect. When a worm disables the computer systems of a warship in battle that might seem pretty obvious in retrospect, too. But hey, for now they are working very, very well!

      It's also worth noting (I thought it was obvious, but apparently not) that there exist well-known examples of failures in many if not all of these systems, due to Windows security vulnerabilities including nuclear power plants. Many such incidents were coincident with worm attacks. Less-critical but very expensive failures of cash register networks, airline ticketing systems and so forth are also well known. Although perhaps not life threatening, they are very, very important to the businesses involved -- business critical is the phrase the MBA types use -- and can result in extreme financial damage to a business.

      The question so many people ask is why? The answer, I suggest, lay partly in the decision making process of organizations.

      I hope that clarifies the fact that I'm not blindly bashing Microsoft here, I'm mere suggesting that they have a long, long track record of quality and security issues which are not completely considered in the decision making processes which lead critical systems to be based thereupon.

      --
      If you mod me down, I shall become more powerful than you could possibly imagine.
  13. Re:'computer' virus crashes Russion Stock Exchange by heinousjay · · Score: 2, Funny

    Because we don't like you.

    --
    Slashdot - where whining about luck is the new way to make the world you want.
  14. Re:Brave (This is not a snide response) by Herschel+Cohen · · Score: 2, Interesting
    Quite a while ago, I got a chilling view of how much effort MS was putting into perfecting "fallover" coding where for example a database server failed, would be automatically replaced by a mirrored standin. Though these efforts were targeted at database applications, which trading systems are a natural subset, in principle if this program were a success there would be little reason not to use Windows needing 24/7. However, what makes you think the Russian eschange would need such round the clock support?

    The reason not to have Windows in charge would security related. However, even there one could argue that if set up properly that concern would be obviated. Nonetheless, the tardy response that characterizes Microsoft too aptly (other than in rhetoric) and cost would be the reasons not to use their option.

    Windows has improved, so much so that the first time I used Windows NT 4 on assignment I did not reboot the machine, because there were no machine lockups. I last saw a blue screen of death on a network back when Windows was at best an environment: Win 3.x. It was only later when my results sets returned radically altered, without seeing any reason in my query code changes, taught me that Windows had developed a more subtle failure mode. Thereafter, reboots every week whether needed or not.

    One last point: no where in the article could I find what OS was actually being used. Are you presuming it was Windows or did you see some text I missed?

  15. The Yorktown by westlake · · Score: 4, Informative
    Except when the computers on the warship crashed and forced the Navy to tow it back to port. But, you know, other than a catostrophic crash everything is running great

    This has become tiresome.

    The Yorktown (CG-48) was in 1997 a test-bed for the Navy's Smart Ship program. USS Yorktown (CG-48) Test-beds are driven to failure. In 2004,the year of her retirement, Yorktown was assigned to Strike Group Wasp, a vote of confidence, I would think, in the vessel and in the technology. USS Yorktown Deploys as Part of Expeditionary Strike Group

  16. Headline wrong by J.+Random+Luser · · Score: 2, Funny

    It should read: Russian Exchange trades in Computer Viruses

    acording to this story on Arstechnica. Altho' I'm getting a 500 error on their eweek reference...