First we want to clear about the hack, as it is not a current one, In 2009, malware or something unusual traced down in the Nasdaq servers, after that a multiple agency investigation was launched involving the FBI, NSA, CIA, Defense, Treasury and Homeland Security departments.
Now, Bloomberg revealed that the Malware was not to spying or surveillance on the Nasdaq system, actually it was potentially capable of disrupting trading or even, in the NSA’s initial opinion, “wiping out the entire exchange.”
In the Agencies investigation it was detected that the malware which was being used in the Nasdaq servers was the work of an individual government, not any group of hackers, as a similar strain of malware was designed by the Russian FSB, but it is also said that this malware used could be used by any other country to confuse the investigation. China is a primary suspect behind this Malware.
Nasdaq Hackers used Zero-Day vulnerabilities to hack the systems, bloomberg reported.
What is Zero-Day Vulnerabilities?
Zero-Day is unknown or undisclosed flaw that used by an attacker take access to the affected system remotely, and Zero-Day also never caught by any Antiviruses, or any malware protectors, as they are undisclosed.
U.S. Representative Mike Rogers confirmed an attack “We’ve seen a nation-state gain access to at least one of our stock exchanges, I’ll put it that way, and it’s not crystal clear what their final objective is,” he said. “The bad news of that equation is, I’m not sure you will really know until that final trigger is pulled. And you never want to get to that.”
For a more detailed report, Read Bloomberg BuisnessWeek Report.