Nasdaq Hackers Put Vital Information at Risk

By Jared Levy, Editor, Smart Investing Daily, taipanpublishinggroup.com

You’re not going to find Friday’s security breach at the Nasdaq exchange as headline news in most publications. Given the seemingly more important things like the Packers winning the Super Bowl in Dallas or the inevitable spending cuts that are coming down the pike, why would we care about a person, group of people or foreign government gaining access to confidential data that could influence future stock prices or perhaps allow them access to the orders and prices themselves?

As much as I love football and want our state and federal budgets balanced, this breach and others like it deserve not only the full attention of all Americans, but serious action. The effects of these actions could be catastrophic, not only for your personal data security, but the infrastructure that holds these digital markets together.

If you thought the “flash crash” was scary, imagine someone having the ability to alter stock prices or gather inside information about an earnings report and flood the market with buy or sell orders. (Hackers did NOT gain access to price servers in this breach apparently.)

What Happened?

The NASDAQ OMX is an international stock exchange that is the primary trading exchange for over 2,800 stocks and options issues. The Nasdaq trades between 2 billion and 3 billion shares daily and is a completely electronic exchange with no trading floors. Essentially it is a complex network of computers that links brokers, market makers and investors together and allows qualified participants to enter prices and share amounts to buy or sell. Your broker acts as the portal for you to trade on the Nasdaq, only allowing you to buy or sell what you specify and can afford.

According to The Wall Street Journal and several other sources, the Nasdaq’s servers were breached on Friday. Per a nebulous written statement by Nasdaq, the hackers were able to penetrate an area of the network called the “Directors Desk,” which is a platform that’s intended to allow company boards with over 10,000 separate members to communicate by securely storing and sharing private information and files (very disturbing). Nasdaq states that no data was lost in this breach and they have removed the “spyware” from their computers.

This isn’t the first time the exchange has been hacked, this has happened several times this year already and, in fact, there have been reports of penetration into their servers going all the way back to the 1990s.

According to industry experts, even though we have not seen anything catastrophic yet, professional hackers will often go on many reconnaissance missions, gathering data and planning a large attack or information dump later on. According to SecurityNewsDaily.com, the cloud-based platform that was hacked holds company data, recordings from virtual board meetings and even details about the 10,000-plus board members that use it. This data could potentially be used to defraud the members themselves, or gain illegal insight into a company’s health.

Jeffery Carr, who consults with U.S. and allied governments on cyber warfare, offered even further details on his blog concerning the events at the Nasdaq. I don’t know about you, but this scares me to death.

Was it a coincidence that the Nasdaq wasn’t sending out quotes on any of their indexes on Friday morning? Perhaps, but as an investor, there are a couple small things you should know and might want to do, just in case there is a major data loss, error or another flash crash, or even if you simply lose power or crash your personal computer.

(Investing doesn’t have to be complicated. Sign up for Smart Investing Daily and let me and my fellow editor Sara Nunnally simplify the stock market for you with our easy-to-understand investment articles.)

Steps to Protect Yourself

• Write down (on paper) all important numbers. This should include your broker’s phone and account numbers, addresses, any and all pertinent information that allows you to get ahold of your broker and identify yourself in the event of an emergency.
• Record your investment holdings including symbol, purchase date, amount of shares or contracts, and approximate dollar values at monthly intervals. You can even take a screen shot of your broker’s screen and print it.

The good news is that there are companies that record stock ownership and transfers. Registrars and transfer agents ensure that each share of stock in a public company is accounted for, although they have no control over price.

• Watch your stop-losses — When the flash crash occurred, stop-losses not only added to the acceleration of the drops in price, but also locked in losses for investors who would have been profitable the very next day when the market recovered. Of course, many of the trades that occurred that day were “busted,” which means they “didn’t count.” But there is no reason to take a chance. If you are a longer-term trader, use caution when entering stop-loss orders. Try either a stop limit order or simply write down a price at which you want to get out, and when the stock gets there, enter your order manually.
• Don’t give your information to anyone online, not even your full name unless you are on a trusted site and know whom you are sending it to. Be aware of “phishing” scams, which are pop-ups you may see on your computer screen asking you for data or passwords. My rule of thumb is that if I didn’t normally have to give this information, there might be something wrong. Pick up the phone and contact the company that is asking for this data to double check if you’re suspicious.
• The Nasdaq doesn’t actually know who you are. When you enter an order, let’s say to buy 100 shares of Apple Inc. (AAPL:NASDAQ) for $300 each, your broker first verifies that you have the money in your account and then allows the order to pass through their gates and their clearinghouse’s gates to the Nasdaq system without your personal information. The order is sent with a “trade ID” only, so all the Nasdaq would see is an order to buy 100 shares for $300 per share. If you are filled, your broker (and their clearinghouse if separate) simply matches up the orders and deducts or adds any cash or stock positions.

*This was confirmed by a source at Penson Financial, which serves as a clearinghouse for many brokerages around the world.

While these breaches are extremely frightening, there are several layers in place to protect your information and even our trading systems. I believe the worst outcome of these breaches is not your personal data safety, but either confidential company information in the wrong hands being used to manipulate markets, or worse, the sabotage/overload of the pricing systems causing another flash crash of epic proportions using errant erroneous trades and prices.

For now, keep your records in order and your personal data close. Risks like this exist all around us in just about everything we do; unfortunately it’s one of the “costs” of doing business in the information age and over the Internet.

Editor’s Note: This secret Wall Street cheat sheet means big payoff for you… Time to get even! Wall Street thieves robbed America blind during the Crash, and now these billionaire hedge fund managers are forced to fess up. Congressional hearings expose their crimes. You have to read why in this exclusive investment report.

About the Author

Jared Levy is Co-Editor of Smart Investing Daily, a free e-letter dedicated to guiding investors through the world of finance in order to make smart investing decisions. His passion is teaching the public how to successfully trade and invest while keeping risk low.

Jared has spent the past 15 years of his career in the finance and options industry, working as a retail money manager, a floor specialist for Fortune 1000 companies, and most recently a senior derivatives strategist. He was one of the Philadelphia Stock Exchange’s youngest-ever members to become a market maker on three major U.S. exchanges.

He has been featured in several industry publications and won an Emmy for his daily video “Trader Cast.” Jared serves as a CNBC Fast Money contributor and has appeared on Bloomberg, Fox Business, CNN Radio, Wall Street Journal radio and is regularly quoted by Reuters, The Wall Street Journal and Yahoo! Finance, among other publications.