Enterprise Strategy Group | Getting to the bigger truth.TM

NASDAQ Hack Just Another Example of Cyber Security Vulnerabilities

In a weekend highlighted by banal football chatter, a critical news story received minimal attention. Beyond Packers, Steelers, and new Bud Light commercials, the Wall Street Journal reported a security breach of NASDAQ last Friday. Apparently, hackers penetrated the NASDAQ OMX Group which runs a service providing “secure” communications between public companies and their boards. The target application known as “Directors Desk” is a privately-run collaboration system for corporate mucky-mucks.

This breach is yet another example of what cyber security is all about. These guys knew what they wanted (i.e., insider information) and found a way to get it. I read through a number of stories about this breach and none of them indicated when this breach took place. The bad guys could have been intercepting confidential communications for months or years. Imagine how much money you could have made if you had access to board of direction-level banter for the past 6 months? That’s likely what took place here.

In the recently-published ESG Research report, “Assessing Cyber Supply Chain Security Vulnerabilities Within the US Critical Infrastructure” (available for free download at www.enterprisestrategygroup.com), 68% of the critical infrastructure organizations surveyed had experienced at least one security breach over the past 12 months. As of Friday, we can officially add NASDAQ to this list. I hope that this breach scares the heck out of CEOs, corporate boards, Wall Street, and congress. Many public and private organizations are sitting ducks in an increasingly insidious cyber security landscape.

Does anyone else hear a ticking time-bomb?

Related posts:

  1. Are Critical Infrastructure Organizations Unaware of Security Incidents?
  2. New ESG Research Report Points To Security Vulnerabilities In the US Critical Infrastructure
  3. Corporate Executives Remain Lukewarm on Cyber Security
  4. WikiLeaks, Critical Infrastructure, and Cyber Security
  5. Critical Infrastructure Organizations Want Cyber Security Help From the Government

Tags: , , , ESG Research, , NASDAQ, network security

All views and opinions expressed in ESG blog posts are intended to be those of the post's author and do not necessarily reflect the views of Enterprise Strategy Group, Inc., or its clients. ESG bloggers do not and will not engage in any form of paid-for blogging. Click to see our complete Disclosure Policy.

Add a comment

Search
© 2011 Enterprise Strategy Group, Milford, MA 01757 Main: Fax:

Switch to our mobile site