[ISN] NASDAQ Breach: Lesson for Banks

From: InfoSec News <alerts_at_private>
Date: Mon, 14 Feb 2011 03:23:24 -0600 (CST)
http://www.bankinfosecurity.com/articles.php?art_id=3342

By Tracy Kitten
Managing Editor
Bank Info Security
February 11, 2011

Could real-time forensics have helped uncover the NASDAQ breach sooner?

It's unclear how long cyberhackers breached and prowled NASDAQ's network 
and systems. According to NASDAQ, the investigation continues. In a 
statement posted to the company's website, NASDAQ says, it "was honoring 
the U.S. Government's request to delay notification, but when a story 
ran in the media on Saturday, February, 5, 2011, regarding a hacking 
incident at NASDAQ OMX, we immediately decided, in consultation with the 
authorities, that we must inform our customers."

Industry experts wonder whether the use of real-time forensics might 
have detected or even prevented this incident. The Wall Street Journal 
reported that NASDAQ hacks were reported in October and November to the 
Securities and Exchange Commission. But nothing about when the systems 
were first accessed or how often they were visited has been released. 
Director's Desk, a NASDAQ subsidiary that offers Web-based tools to 
executives and board members, seems to have left the gap hackers 
exploited.

NASDAQ goes on to say that no evidence suggests customer information or 
any of NASDAQ's trading platforms were compromised.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Mon Feb 14 2011 - 01:23:24 PST

This archive was generated by hypermail 2.2.0 : Mon Feb 14 2011 - 01:26:46 PST