Russia’s official intelligence agency was accused of hacking into the Nasdaq stock market’s critical computer infrastructure in 2010 and planting a digital time bomb on its servers, a report from Bloomberg released today says.


Nasdaq computers touched by the dirty swamp

The event took place in what was called “the dirty swamp” of Nasdaq’s computer banks and touched the most critical technology the exchange had operated.  The scheme was uncovered through a massive investigation by five of the most influential agencies in government and ultimately led to the involvement of US President Barack Obama.

While damaging, the hacking incident did not compromise data or exchange operations according to Joe Christinat, an exchange spokesperson who contacted ValueWalk after we published our story.

In October of 2010, after a suspicious incursion was detected, a multiple agency investigation was launched involving the FBI, NSA, CIA, Defense, Treasury and Homeland Security departments.

Separate ValueWalk sources close to the incident indicate the conclusions drawn by the FBI and NSA were initially different and investigators from the different branches of government often operated without coordination. The source indicated that initially the US Treasury Department was kept out of the loop on the discussions.

By mid-2011, the Bloomberg report says, investigators began to conclude that the Russians weren’t just trying to sabotage Nasdaq. They wanted to clone it, either to incorporate its technology directly into their exchange or as a model to learn from.

Investigators provide sketchy details about the hackers

The initial assessment from investigators provided only sketchy details about the hackers’ identity, yet it only took minutes to agree that the incursion was so serious that the White House should be informed.  The president was told that Russia’s Federal Security Service (FSB), the nation’s spy agency and successor to the notorious KGB, deployed an elite computer hacking unit to do the deed, which pointed to those at the heart of the incident.

While the Nasdaq hack was successfully disrupted, the incident shows how vulnerable key financial infrastructure is to sophisticated hacking. It’s not only financial exchanges, according to the report: banks, chemical refineries, water plants, and electric utilities are also digital assault targets. The conclusion is the U.S. is not yet serious enough about being prepared “for a new era of conflict by computer.” Late last year the FBI was reported to be investigating a computer hack attack against the CME Group. Separate sources have indicated that hedge funds and other “soft” financial targets are dangerously at risk, particularly those with weak computer security apparatus.

Nasdaq hackers used zero-day vulnerabilities

The Nasdaq hackers used two of what are known as “zero-day vulnerabilities,” so called in the hacking world because security developers have had “zero days” to address the issue. The zero-day vulnerability allows a computer hacker to take remote control of a computer and indicates a highly sophisticated hacker.

What ultimately pinned Russia’s FSB to the crime scene, the report says, was a signature of sorts found in the hackers’ malware.  NSA investigators had seen a version of this software, using a particular configuration sequence, designed and built by Russia’s FSB.

What they discovered, however, was more than spyware.

Yes, the computer code was designed to steal data. But the malware also contained functionality designed to create widespread chaos within the computer network – a digital time bomb. The NSA had discovered the computer equivalent of a nuclear device they believe might have been capable of wiping out the exchange. Separate ValueWalk sources and speculation point to a flash crash as a possibility in economic warfare, making electronic market makers a vulnerable potential target.