When an insidious malware was detected infecting the Nasdaq (NDAQ) back in October 2010, the resulting domino effect of shock, growing alarm, international finger pointing and, ultimately, a chaotic investigation process, was a slowly unfolding travesty that is only now becoming truly understood.
In an attack sophisticated enough to cause suspicion of multiple foreign governments' involvement, hackers exploited two zero-day vulnerabilities, ironically pulling the malware from within the Nasdaq's own computer banks. The malicious tool not only could be used to steal data, but also had the power to potentially wipe out the entire exchange, according to Bloomberg Businessweek's in-depth analysis of the incident.
In the “all source” investigation that ensued, the US NSA was joined by the CIA and the FBI, who uncovered that the hackers were targeting 13 servers containing the Nasdaq's most critical technology—technology so advanced that it has been licenced to countless other stock exchanges around the world. Though the malware is believed to have originated in Russia, despite years of investigation all that is known for certain is that a nation state gained access to the Nasdaq and it's not clear what their final objective was, despite the high level of potential damage that it represented.
What is clear, however, is the enormous wake up call to financial, governmental, and other major organisations across the globe: intelligence and risk management are crucial to navigating the new world of cyber attacks, espionage and warfare.
“If you take the attitude of prevention, you've pretty much already lost the battle,” Truman National Security Fellow, Bob Stasio, commented last week on television show, Bloomberg Surveillance, reflecting on the Nasdaq incident and how it has affected international cyber security.
Ernst & Young Americas Managing Director, Stephen Howe, agreed. “These are not isolated situations,” he added, “Cyber attacks are prevalent. You need to know where your most important data is, what could be subject to attack, and not only try to prevent it, but get after detecting it once it happens."
Howe also emphasised that organisational investment into cybersecurity is surging tremendously as such grave dangers are being recognised. "Companies are paying up for this, this is budgeted, it's that strategic.”