Nasdaq Outage Explored: 7 Facts
Security experts dismiss reports that DDoS attack compromised systems in New York City and crashed Nasdaq exchange. But squirrels have not been ruled out.
Thankfully, the crash didn't involve an actual stock market plunge, but rather an apparent technical glitch in Nasdaq's systems that led to a three-hour outage.
Of course, those facts may not have been evident given some conjecture-filled reports on the downtime, with one noting that it "had all the earmarks" of an online attack. In fact, officials have seen no signs suggesting that hackers added a U.S. stock exchange takedown feather to their cap.
Here are seven facts to set the record straight:
1. Signs Point to Data Feed Failure.In fact, early signs are that the outage was caused by a connectivity problem involving a data feed from Nasdaq rival NYSE Arca, which resulted in price quotes not being received. Nasdaq officials told The Wall Street Journal that IT staff should have been able to manage the problem and prevent trading having to come to a halt. Obviously that didn't happen.
2. Nasdaq Wasn't Hacked.While Nasdaq is still investigating the outage, forget the notion that this particular incident involved the exchange being hacked, and dismiss the suggestion -- relayed photographically by numerous stories -- that the incident happened in New York City. "Nasdaq is neither in New York nor on the Internet," said Robert David Graham, CEO of Errata Security, in a blog post.
[For more information on exchange outages, from the unusual to highly technical, read: 10 Trading Glitches That Stopped The Markets.]
Graham also sharply dismissed a USA Today "cybertruth" report -- "Nasdaq outage resembles hacker attacks" -- as an untruth for its suggestion that the outage "had all the earmarks" of a hack attack launched as part of the Operation Ababil distributed denial-of-service (DDoS) attacks that began disrupting U.S. banking websites in September 2012.
"While the Nasdaq market is computerized, it's not really on the Internet. There's no way to DDoS it from the Internet," said Graham. "Sure, there's a path to the Internet; many of the ubiquitous Bloomberg terminals on the Internet can eventually cause trades to happen, but fundamentally the market has its own private network. Trades can continue in the face of any sort of DDoS attack."
3. Outages Are Not Unusual for Exchanges.In the wake of the outage, Nasdaq promised to do better. "Our systems, and the industry's, have to get to a higher level of robustness," Robert Greifeld, chief executive of Nasdaq parent company Nasdaq OMX Group, told the Journal.
Such outages are far from unknown. "This is not the first time that trading on an exchange has suffered a technological problem and probably not the last time. There were other examples, such as the Flash Crash in 2010, the Facebook IPO, while Goldman Sachs was hit by a bug and there was the Knight Capital case last year," said Arie Gozluklu, an assistant professor of finance at Britain's Warwick Business School, via email. "There is speculation this is down to the number of high-frequency traders, as algorithmic trading now makes up between 50% and 60% of trades in the U.S."
The Facebook outage alone cost traders an estimated $500 million in losses.
NEXT: 4. Perfect Uptime Is Tough to Achieve.... Read full story on InformationWeek
Post a comment to the original version of this story on InformationWeek