Nasdaq Hacked -- and So What?
Why all the hyperventilating over hackers infiltrating Nasdaq? A typically overheated response:
Revelations over the past few days that hackers had penetrated certain systems at the Nasdaq stock exchange are reverberating throughout the financial world. Indeed, the case is shaking some bedrock assumptions of a digitized, high-speed, globally connected stock market run essentially by computers with minimal human interaction.What assumptions might those be -- that "digitized, high-speed, globally connected" stock markets "run essentially by computers" are vulnerable to human interaction after all? Imagine that. Professing shock at this incident is like expressing surprise every time some nutcase opens fire on a crowd. Crazy theory -- maybe it has something to do with handguns. Or, in this case, with our digitized markets.
Hackers are everywhere
Some investors are fretting that the Nasdaq break-in could undermine investor confidence. Well, probably. But mostly these are just investors who don't know the score. Because the truth is that ever since a Cornell grad student in 1988 unloosed the first Internet worm on MIT's computer network, hackers have targeted all manner of corporations, government organizations and other institutions.
The U.S. government itself is suspected of having engaged in some first-rate hacking. The CIA is rumored to have collaborated with Israeli intelligence to bring Iran's nuclear program to a screeching halt last year -- literally -- by infecting Iranian computer systems that manage centrifuges used for refining uranium with the so-called stuxnet worm.
That hackers have now turned their attentions to Nasdaq is of zero surprise. Indeed, if there's anyone who's certain not to be shocked by the incursion, it's financial technology pros. That's because every major financial firm is under assault, with attacks multiplying in number and sophistication. Hackers steal cash from ATMs, crack customer accounts, pilfer credit card accounts and manipulate stock prices. Occasionally, they really go on a tear and cripple an entire country's banks.
Compared to the flash crash, this is nothing
In some ways, this episode is much less troubling than the "flash crash," when ghosts in the machine -- or something -- caused the Dow to drop 900 points in a matter of minutes on May 6, 2010. At least with this latest security breach, we can assume that a person did it, and people can be stopped. It also doesn't appear as if hackers were able to penetrate Nasdaq's trading platforms.
By contrast, the feds have yet to provide a fully satisfactory theory for how algorithmic trading programs suddenly grabbed the steering wheel last year. Nor have I come across any persuasive explanations for why stock prices often gyrate wildly minutes before markets close. High-frequency traders? Hey, you tell me. Point is, hackers frighten me far less than the bogies holding the keys.
The more interesting, if obvious, question: why Nasdaq, and what can the exchange do about it? For now, U.S. federal authorities don't appear to to have a clear idea about the hackers' motives (or are keeping it under wraps as the investigation unfolds):
[S]everal people with knowledge of the probe say investigators haven't reached even preliminary conclusions about motive and that other theories, including terrorism, theft or wire fraud, at this point remain possibilities.Spooky? Sure. But not a dire threat. The Dow is up more than 2,300 points since the flash crash. I'll go out on a limb and suggest the Nasdaq will do just fine (Last I checked it was up 23 points.)
On the other hand, I'd like to hear more about why Nasdaq and government officials kept word of the break-in secret for so long. I can understand not wanting to tip off the fraudsters, but that has to be weighed against the risks of not immediately alerting customers that their personal data may have been compromised.
Image from Flickr user dbasulto
Related: