The Websites of the NASDAQ and BATS stock exchanges as well as the Chicago Board Options Exchange (CBOE) were knocked offline for parts of Monday and Tuesday after coming under a sustained online attack by a group with links to Anonymous.
Trading on the exchanges continued unabated on Monday and Tuesday and spokespeople for both BATS and NASDAQ made public statements indicating that the distributed denial of service (DDOS) attacks did not touch their trading systems, according to a report by Reuters. Gail Osten, director of corporate communications at CBOE told Threatpost that their trading systems were also untouched by the denial of service attack, which took down their public Website for part of Monday. A group that claims ties with Anonymous claimed responsibility for the attacks.
Visitors to the Web pages nasdaq.com and a separate site: nasdaqtrader.com , as well as batstrading.com and cboe.com were unable to view the sites for parts of the last two days. A group calling itself LONGwave99 claimed credit for the attacks, which were dubbed “Operation Digital Tornado” in a post on the Web site Pastebin.com on Sunday and through a Twitter account. The group said it was acting in support of the “99% movement,” a possible reference to the Occupy Wall Street movement.
“The US government has applied every suppressive effort along with using its News imperialism to survive the effects of this movement,” the statement reads. “But they must know that the 99% movement if possibly suppressible (sp) will never ever be annihilable (sp). Will anybody be able to stop the people’s storm of seeking justice against the liar and deceptive Capitalism-Liberalism? Soon we will see…”
The group also claimed to have launched an attack on the Miami Stock Exchange as part of the operation. Calls and e-mail messages to the Miami Stock Exchange were not returned prior to publication.
A post on the account of @TheAnonMessage, which is affiliated with the loose, anarchic hacking collective, claimed that Anonymous worked in cooperation with LONGwave99 to take down the NASDAQ Web site, but no proof is provided.
The attacks are the latest to target the nation’s financial and trading systems. An attack on the NASDAQ Exchange in 2010 resulted in unknown, remote attackers gaining access to a a web-based application serving some 5,000 users on which corporations store and share information. A subsequent report claimed that the hackers installed monitoring software that allowed them to spy on the doings of corporate directors.
That incident was investigated by the NSA as well as the FBI. Lax security was believed to be the cause of the breach, with NASDAQ’s Directors Desk systems lacking up to date firewalls and running vulnerable software applications and operating systems, a report found.
The latest attacks appear to be more symbolic, though also more widespread. Osten of CBOE said it was the first attack against that exchange, the largest U.S. options exchange, in at least three years. She said the attack Monday was limited to the CBOE public Web page. “I know that it created a problem, but not one related to trading,” she said.