Wednesday, October 05, 2011

@Anonymous's war against the New York Stock Exchange

The hacker collective known as "Anonymous" (sic) has declared war on the New York Stock Exchange (NYSE), promising to "erase" it from the Internet this October 10th (in support of #OccupyWallStreet). Should we be afraid of this threat?

No. Hackers who can, do. Those who can't, make threats.

The most likely threat would be a massive DDoS attack, like the one Anonymous carried out against PayPal. In that attack, they posted a program called LOIC on various forums. Activists downloaded it and ran it on their computers, which then flooded PayPal with traffic. That attack affected PayPal briefly, but at the same time, it left fingerprints behind identifying people running LOIC. The FBI followed up and arrested many of these activists. It's not something activists would be willing to do again on a large scale.

Unlike PayPal, the NYSE website is not the real NYSE. You can blow it up with explosives and you won't affect trading. Such a flood could "erase" it temporarily from the Internet, but everyone would yawn.

There are more practical things that could be done, but here's the thing. If you could do it, you could make billions of dollars.

For example, there are a lot of trader terminals connected more deeply with the actual trading network, which is completely disconnected from the NYSE website and the Internet. Such a system could be subverted and cause minor disruptions with trades. Even major disruptions can quickly be fixed: simply shut down the exchange, fix the problem, and bring it back up again. 9/11 disabled NYSE, and it came back a few days later. I doubt there is a way to permanently "erase" it.

But if you could do that, you could do something better. If you weren't interested in making money, the thing to do wouldn't be to DoS the stock exchange, but let them DoS themselves. Corrupt trades in a way that's undetected for as long as possible. The various counterparties would then be locked up in lawsuits for the next decade.


So technically, how could a hacker get inside the network?

The NYSE runs a completely separate network. Well, lots of people say this, like the operators of the power grid, and it's rarely true. But it's true in the case of the NYSE: I doubt hackers will find a way from the Internet into the NYSE private network.

But there are lots of things on the NYSE private network, such as terminals on the desks of traders among the members of the NYSE. If a hacker could get physical access to one of those terminals, he could do a lot of damage.

The backend computers aren't the sorts hackers have experience with. Instead, they are things like AS/400 from IBM or "nonstop himalaya servers" from HP. These are actually FULL of vulnerabilities. It's astonishing how weak they are. But nobody knows, because the vendors assure customers they are secure, no hackers have challenged this impression (because they can't afford $100,000 for a system to test with), and nobody really cares, because they think the network is secure from outsiders.

Thus, a good hacker, one who can reverse engineer and write custom shellcode, will find that the network is actually fairly open. But the casual script kiddies like Anonymous aren't likely to find success.


Update: It was a non-event, reported on here:

http://www.chicagotribune.com/business/breaking/chi-anonymous-takes-down-nysecom-for-1-minute-20111010,0,1627656.story

http://www.forbes.com/sites/chrisbarth/2011/10/10/blink-and-you-missed-it-anonymous-attacks-nyse/

3 comments:

Deprima said...

Well, it could become dangerous for us. A hacker collective such as Anonymous could illegally sniff wireless internet communications traffic on Wall St and do a whole lot of damage to the economy by using or publishing internal information, emails from bankers, smart phone communications etc.

Hackers can do a lot of damage with tools like HostileWRT routers. Please do not underestimate the threat hackers pose to Wall St. LOIC is just the script kiddie wave, things may get a lot worse.

It is important to take countermeasures to prevent these angry protest kids from getting out of control.

Gadfly said...

Agreed on the idea. It's already known that some traders engage in "head fake" computer trades that are quickly withdrawn, just to fool other traders.

Agreed on the main point, too. Unless Anonymous was using the threat of an "attack" as a head fake/diversion itself (which it wasn't), it was hot air from the start.

Unknown said...

Certainly, it is a modern and exclusive website about financial market. It is a very beneficial for us. So, I like it very much. Many many thanks for make this website. If you want more information about stock screener to visit stock screener factors every easier. Is in reality an arduous challenge to work through the actual very helpful tips In the same manner, the actual large number of web data on the net does not need to generate in the ineffective data. Happily, a Stock Screener can help target the securities who get together your current ideals along with satisfy your strategy. Take a look at evaluate exactly what a Stock Screener is and the way it may possibly work with you.