Wednesday, April 6, 2011

NSA to Investigate Nasdaq Hack | Threat Level | Wired.com

NSA to Investigate Nasdaq Hack

The National Security Agency has been called in to help investigate recent hack attacks against the company that runs the Nasdaq stock market, according to a news report.

The agency’s precise role in the investigation hasn’t been disclosed, but its involvement suggests the October 2010 attacks may have been more severe than Nasdaq OMX Group has admitted, or it could have involved a nation state, according to sources who spoke with Bloomberg News.

“By bringing in the NSA, that means they think they’re either dealing with a state-sponsored attack, or it’s an extraordinarily capable criminal organization,” Joel Brenner, former head of U.S. counterintelligence in the Bush and Obama administrations, told the publication. He added that the agency rarely gets involved in investigations of company breaches.

The NSA was called in by Google last year to help the company secure its network after it was targeted in a sophisticated attack.

Regarding the Nasdaq breach, in addition to the Secret Service, the FBI and the NSA, unidentified foreign intelligence agencies are also reportedly assisting in the probe.

The Wall Street Journal reported in February that Nasdaq OMX Group had been repeatedly breached last year.

Nasdaq later confirmed the report but insisted that computers involved in its trading platform were not compromised in the attacks. The company said the attacks were limited to a web application known as Directors Desk that allows board members of Nasdaq companies to hold online meetings and exchange confidential information — data that attackers would conceivably find useful to trade on.

The system also includes “a useful contacts section that includes detailed information about all board members and key company executives” and their relevant contact information — a wealth of information for an attacker aiming to conduct a spear-phishing attack against company executives in order to gain login credentials to their networks.

The Directors Desk, however, may not have been the target but simply an entry point for the hackers to gain further penetration into Nasdaq OMX’s network. According to Bloomberg News, investigators have acknowledged they still have no idea how far into the network the attack reached or what data the attackers may have stolen.

The attack prompted the House Financial Services Committee to launch a review in February into the security of the nation’s financial infrastructure.

The NSA’s involvement in the investigation is bound to raise concerns among civil libertarians, because the agency has been accused of trying to strong-arm its way into monitoring critical infrastructure networks. National Cyber Security Center director Rod Beckstrom resigned from his job in 2009 over concerns that the NSA planned to take over government cybersecurity efforts.

Director of National Intelligence Adm. Dennis Blair raised a ruckus that same year, when he told the House intelligence Committee that the NSA (rather than the Department of Homeland Security which currently oversees cybersecurity for the government) should be in charge of securing cyberspace for government and privately owned critical-infrastructure networks.

“The National Security Agency has the greatest repository of cybertalent,” Blair said. “[T]here are some wizards out there at Fort Meade who can do stuff.”

The NSA, however, has been embroiled since 2005 in allegations that the agency violated federal laws in conducting illegal surveillance of Americans’ phone and internet communications with the help of telecommunications companies. Giving the agency an entree into an investigation of Nasdaq could help the government make a case for allowing the NSA to monitor financial networks to ensure their security.

The NSA referred all questions about the Nasdaq investigation to the FBI, which did not immediately respond to a call for comment from Threat Level.

Photo: Bebeto Matthews/AP

See also:

Kim Zetter is a senior reporter at Wired covering cybercrime, privacy, security and civil liberties.
Follow @KimZetter on Twitter.

Posted via email from Whistleblower

No comments:

Post a Comment