NASDAQ and BATS DDoSed

← Back to Stories (view on slashdot.org)

Posted by Unknown on Wednesday February 15, 2012 @04:18AM from the basement-dwelling-h4x0rs dept.

DMandPenfold writes with a quote from an article in Computer World: NASDAQ and BATS saw their sites disrupted during the day on Monday and Tuesday respectively. The sites host company news and share price data, as well as vital information on live service status on the exchanges. It is understood, however, that while the websites were affected, the stock exchanges continued to trade as normal with no change to trading. A spokesperson at BATS said the exchange's site had been hit with 'an external Distributed Denial Of Service incident.' Our trading systems were not affected and there were no exchange customer disruptions associated with the incident.' ... NASDAQ told the Wall Street Journal that on Tuesday it experienced 'intermittent service disruptions on our corporate websites.' It is not known who initiated the attacks. In 2010, NASDAQ's Directors Desk online scheduling application was compromised by hackers. An FBI investigation found that the stock exchange's aging software and out of date security patches played a key part in the problems."

6 of 16 comments (clear)

Min score:

Reason:

Sort:

Aging and out of date? by JustAnotherIdiot · 2012-02-15 04:24 · Score: 3, Insightful

You mean people on wall street take shortcuts? That's crazy talk.

--
What do I know, I'm just an idiot, right?
I knew it by kiwimate · 2012-02-15 04:35 · Score: 3, Funny

9:36 am - a story is posted on Slashdot: Megaupload Co-Founder Allowed Bail.
11:18 am - a story is posted about outages to high profile web sites.
And to think that people were asking what harm could it do to give the Megaupload guy access to the internet...
thats a joke by unity100 · 2012-02-15 04:48 · Score: 2

right ?

--
Read radical news here
Legacy Systems by alexander_686 · 2012-02-15 05:28 · Score: 2

Ok, there are a lot of bean counters on Wall Street that like to keep operating costs at a bare minimum.
That being said, whenever you upgrade the main trading desks all members need to update theirs. And I know a lot of them are running under legacy systems. i.e. very hold, highly customize platforms, using lots of different systems, patched over the years, sketchy documentation, and some are still on big iron. So guaranteeing thousands of firms will shift over cleanly is kind of a big hurdle.
The exchanges do not like to update there systems.
DDoS by chill · 2012-02-15 05:41 · Score: 2

The attack was directed against the web sites, not the trading machines. The original "notice" is here: http://pastebin.com/it77tAvs
This was a small bot net DDoS attack. Whether or not this could have been dealt with more efficiently by better routers/firewalls or HA configs, I don't know.
IMHO this is some script-kiddie types who are in it for the lulz. What it demonstrates is even the room-temperature IQ types can get a hold of some fairly potent DDoS tools. So, serious attention needs to be paid to upgrading their infrastructure and IT security in general.
It is a good time to be in the IT Security field, if you're looking for work.

--
Learning HOW to think is more important than learning WHAT to think.
1. Re:DDoS by VortexCortex · 2012-02-15 07:20 · Score: 2
  
  IMHO this is some script-kiddie types who are in it for the lulz. What it demonstrates is even the room-temperature IQ types can get a hold of some fairly potent DDoS tools. So, serious attention needs to be paid to upgrading their infrastructure and IT security in general.
  Although that may be the right response, it's also likely to produce the wrong response: Outlaw pen-test suites, and require a license and background check for anyone using said software... Making your own "high frequency" site scraping software? You're probably a terrorist...
  I do agree though, its not just Wall Street, but also 6th Street. You would (or wouldn't) be surprised at the lack of security in the businesses handling our mortgages and other loan origination work. Hell, I know for a fact that a good portion of the business itself, esp. loan origination and processing, is not only failing to follow best security practices, but is being done in violation of HUD regulations -- Work is being outsourced to unlicensed over-seas establishments, and it's costing us money in both audits and fraudulent charges. My loan had a $3000 processing fee charge that was refunded to me when I cited that they weren't allowed to charge me the fee under the new regs since they had outsourced the processing.
  I once turned on my laptop in a restaurant to check my schedule and accidentally connected to an unsecured "linksys" SSID, I didn't realise it until I closed a few windows and saw a SAMBA folder I had left open displaying 30+ shared folders, one labelled: "Loan Application Scans". Turns out there was a small home mortgage company next door down. I disconnected immediately, but I'm sure there was plenty of confidential info therein. After my meal I tried to talk to someone there, but they actually don't have an IT person on hand, it's outsourced to India... One of their somewhat network literate staff thinks "workgroup" == "security". He demonstrated that the secretary's WindowsXP machine couldn't see any of what I said I saw... then I asked him how I knew the names of the other "invisible" folders then? I told him Debian didn't care about those workgroups...
  The problem is rampant in all forms of business, big and small. By some strange coincidence I just happen to stumble upon mortgage & lending company SNAFUs.