NASDAQ Feels Stoll's Frustration

Just as Cliff Stoll spotted and followed a hacker who was looking for information by using his system at Lawrence Berkley Laboratory (LBL), NASDAQ recently had a hacker invade their system looking for information.  Just as the hacking began at LBL with a hole in the widely used GNUEmacs program, hackers first penetrated NASDAQ through a hole in a commonly used Microsoft's server system.  NASDAQ and Stoll both discovered the hackers through their normal means of monitoring of their computers.  Even though NASDAQ had the help of government agencies, they too had difficulties tracking down their hacker just as Stoll did.  Another similarity between the situations at NASDAQ and LBL is that even when the detected hole is patched, there are certainly other holes that the hackers will use, so a single patch will not fix everything.  With situations like these becoming too common, it is time to allow computer security systems to go on the offensive when a hacker strikes.  This type of solution to computer hackers could substantially decrease the number of situations like those that occured at NASDAQ and LBL.