Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

NASDAQ Halt: System Glitch or Hack?


August 23, 2013 02:00 PM

In our modern world, where we're all hyper-sensitive to the relentless onslaught of cyber-attacks, any time a major site, service or piece of infrastructure stops working properly, the immediate speculation is that hackers are to blame.

On the afternoon of Thursday, Aug. 22, the NASDAQ exchange halted trading for nearly 4 hours. The exchange publicly identified the root cause of the issue as being related to trouble with the Unlisted Trading Privileges (UTP) Securities Information Processor (SIP) quote dissemination system.

What we don't know at this point is why there was trouble with the UTP SIP quote dissemination system. Was it just human or system error? Or was it the action of a malicious actor?

Personally I'm not so sure. But let's explore.

Chester Wisniewski, senior security adviser at Sophos, told eWEEK that anything at this point is simply speculation.

"There is no reason to believe this is hacker related, particularly related to DDoS," Wisniewski said. "This doesn't mean someone hadn't infiltrated the NASDAQ's network or planted malware within critical systems, but unless NASDAQ says more, it is purely speculative and not grounded in any facts."

Stock exchanges have been a target for hackers before. In a session at the RSA security conference earlier this year, Ziv Gadot, Security Operations Center (SOC) team leader at Radware, had a talk titled, "Stock Exchanges in the Line of Fire—Morphology of Cyber-Attacks." I spoke with Gadot at the time and asked him specifically about the big New York exchanges and the risk to them. In 2011, the NASDAQ Director's Desk application used by the exchange to share information was in fact hacked by attackers, who planted an eavesdropping tool.

Again, no direct tie or official word here to the incident that occurred yesterday.

It's also important to remember here that sometimes a technical "glitch" is just that. The NASDAQ quote dissemination system is a highly available system with extreme levels of concurrency and throughput. Every trader and trading system wants the same data at the same time, and sub-microsecond delays are not acceptable. It's a very complex and sophisticated system. With that complexity, the risk of error (human or system) will always exist.

Sometimes, "a rose is just a rose" and perhaps that's the case with the NASDAQ trading halt incident too. Time will tell.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia