Nasdaq, BATS hit by DOS attack

The two American stock exchange operators saw their Web sites attack for more than 24 hours on Tuesday.

Stock exchange operators Nasdaq and BATS saw their Web sites attacked for over 24 hours on Tuesday, blocking access to sites although trading was not affected, report said. Security watcher noted such denial-of-service (DoS) attacks "impossible" to prevent, though.

"The Web site wasn't hacked, nobody got any information. What they did was try to block access for our users," Nasdaq spokesperson Joseph Christinat told the newswire. He added that the attacks started since late Monday but Nasdaq has yet to locate the attack's origins nor say when the problem will be resolved. BATS also confirmed the attacks, saying: "Our trading systems were not affected and there were no exchange customer disruptions associated with the incident."

Both Nasdaq and BATS Web sites have since returned to normal as of the time this article was published.

Stephen Cobb, security evangelist at ESET, told ZDNet Asia that DoS attacks are "relatively easy" to execute but "impossible to prevent" because they merely simulate large amounts of traffic visiting a Web site. The defense against such attacks is load balancing and tracking down the attackers and shutting them down, said Cobb. However, he added that the need to act within the law might slow down the progress of tracking down the perpetrators.

For more on this story, read Stock exchange sites suffer DoS attack on ZDNet Asia.