Monday, July 21, 2014

SMART POWER: In 2010, Russian Military Hackers Penetrated NASDAQ Stock Exchange With Intent to Wipe it Out

"Reset", indeed!

When the FBI notified Nasdaq of the intrusion, it turned out the company had detected anomalies on its own but had yet to report the attack. After negotiations over privacy concerns, Nasdaq agreed to let U.S. officials into its networks. Investigation teams arrived at the company’s headquarters at One Liberty Plaza in New York City and its data center in Carteret, N.J., where they found multiple indications of an intelligence agency or military.

The hackers had used two zero-day vulnerabilities in combination. A zero day is a previously unknown flaw in computer code—developers have had “zero days” to address it—that allows hackers to easily take remote command of a computer. It’s a valuable commodity, sometimes selling for tens of thousands of dollars in underground markets. The use of one zero day indicates a sophisticated hacker; more than one suggests government. Stuxnet deployed four—a sign that the code’s authors had done advanced reconnaissance and knew precisely how various systems worked together.

Whoever hit Nasdaq had done similar prep work and had similar resources. The clincher was the hackers’ malware pulled from Nasdaq’s computer banks. The NSA had seen a version before, designed and built by the Federal Security Service of the Russian Federation (FSB), that country’s main spy agency. And it was more than spyware: Although the tool could be used to steal data, it also had a function designed to create widespread disruption within a computer network. The NSA believed it might be capable of wiping out the entire exchange.

In early January, the NSA presented its conclusions to top national security officials: Elite Russian hackers had breached the stock exchange and inserted a digital bomb. The best case was that the hackers had packed their malware with a destruction module in case they were detected and needed to create havoc in Nasdaq computer banks to throw off their pursuers. The worst case was that creating havoc was their intention. President Obama was briefed on the findings.

And what did Obama do? I was going to construct a multiple choice answer involving golf, fundraising, and golf, but I think you already know the answer.

I've got an explanation for Obama's ambivalence about the Russians nuking an American stock exchange.

Hey, anything that can accelerate the Democrats' Cloward-Piven Strategy is probably just fine by Dear Leader!

Hat tip: BadBlue Tech News.

No comments: