Following a string of confidence-shaking cyberattacks on stock exchanges across the globe that affected their operations, 57 stock, futures, and options exchanges have come together to collaborate on cybersecurity best practices. I guess they've come to the same conclusion expressed in a coinage attributed to Benjamin Franklin: "We must, indeed, all hang together, or assuredly we shall all hang separately."
A hair-raising example of how vulnerable the exchanges are came in August when NASDAQ’s systems were besieged by more than double the amount of data they could process. The data torrent, abetted by a software design flaw, caused a three-hour stoppage in trading for thousands of U.S. stocks. Though the culprit was eventually revealed to be human error instead of a cyberattacker, the event revealed one avenue that a crafty hacker could exploit.
The new group, a committee established under the aegis of the World Federation of Exchanges, will try to figure out how to best share information on attackers, their tools, and attack trends, as well as techniques and technologies for fighting off attacks. It’s easier said than done, explains Mark Graff, NASDAQ's chief information security officer and chairman of the new working group. “When I took the job at NASDAQ, I found it was easy to connect with people within the [U.S.] financial community,” Graff told Computerworld. “But I just couldn't see who my opposite numbers were in exchanges overseas,” he said.
G-20 Governments in Hackers’ Crosshairs
Researchers at online security firm FireEye say that in the month leading up to the G-20 Summit in September, hackers they presumed to be Chinese nationals broke into the computer networks of five European foreign affairs ministries. FireEye was temporarily able to monitor the activity of the attack, which it calls Ke3chang, via one of the command-and-control (CnC) servers the hackers used. The campaign began with a series of spear-phishing e-mails laced with a malicious attachment called US_military_options_in_Syria.zip. The attackers knew that the targets would go for the bait because in the run-up to the G-20 meeting, the world’s attention was focused on the Syrian civil war and whether the United States would intervene in response to the use of chemical weapons.
For a few days, FireEye researchers were able to snoop on one of at least 23 CnC servers the hackers used. They saw 21 compromised computers connect to that server.
In Other Cybercrime News…
- A hacker who tried to make money by selling access to several corporate, university, and government computer networks—including two supercomputers at the Lawrence Livermore National Laboratory—fell into a familiar trap. It just so happened that the person on the other end of a US $50 000 transaction that would have given the buyer access to the Lawrence Livermore machines was an undercover FBI agent. This week, 24-year-old Andrew Miller, hacker and police-procedural TV show stereotype, was sentenced to 18 months in prison.
- The makers of a popular Android flashlight application apparently kept users in the dark about its money-making side business: covertly tracking the locations of “Brightest Flashlight Free” users and selling that information to advertising firms. The company, Goldenshore Technologies, reached a settlement this week with the U.S. Federal Trade Commission, which threatened to come down hard on the app maker.
- AT&T cares about you. So much, in fact, that the company refuses to issue a transparency report providing details regarding what data it has turned over to the U.S. National Security Agency. In a letter to the Securities and Exchange Commission, AT&T says that telling the world about the extent to which it divulged information about its customers would upset its efforts to protect its customers’ privacy. You can’t make this stuff up.
- Eight of the world’s leading tech companies—Facebook, Apple, and Google among them—have created a new coalition whose aim is to provide pushback on U.S. surveillance practices. The group, Reform Government Surveillance, says that tactics such as National Security Letters, which demand that a company turn over data about customers and keep quiet about it, undermine trust in the companies and in the Internet as a dependable medium for communication and commerce.
- Kaspersky Lab’s ThreatPost reports that Open WhisperSystems’ TextSecure protocol has been integrated into an app that will bring end-to-end encrypted text messaging to 10 million Android users.
Willie Jones is an associate editor at IEEE Spectrum. In addition to editing and planning daily coverage, he manages several of Spectrum's newsletters and contributes regularly to the monthly Big Picture section that appears in the print edition.