Why bring in the NSA?

by Kevin D. Freeman on April 5, 2011


When we first posted about the NASDAQ security breach on February 8th (NASDAQ Admits Hacker Attempts), there were many who seemingly doubted a national security connection. They viewed this attack as a hedge fund or someone attempting to gain information to make money. We had two major points:

1) Even if the attack was primarily for economic advantage, it exposed a serious vulnerability; and,

2) There is much more to the story than can be shared publicly. In fact, we knew it was a matter of national security.

Last week, Bloomberg broke a story that all but admitted the national security risks. It seems as if the NSA has been asked to investigate:

U.S. Spy Agency Is Said to Investigate Nasdaq Hacker Attack
http://www.bloomberg.com/news/2011-03-30/
Here are key quotes:

 

“By bringing in the NSA, that means they think they’re either dealing with a state-sponsored attack or it’s an extraordinarily capable criminal organization,” said Joel Brenner, former head of U.S. counterintelligence in the Bush and Obama administrations, now at the Washington offices of the law firm Cooley LLP.”


“Security dangers include the potential for intruders to alter trading algorithms and cause a market crash, according to Larry Dignan, who writes for ZDNet, a technology publication that’s a unit of CBS Interactive.”

“Brenner said intruders might do just as much damage by manipulating trading to create doubt about the validity of trades. More than 93 billion shares were traded on the Nasdaq exchange in the fourth quarter of 2010, equal to almost 20 percent of the U.S. equities market, according to the company’s final quarterly report to the Securities and Exchange Commission last year.”

 

All of this confirms reports we have been making for two years. This is a serious issue and we are working hard to help the National Security community understand the risks and prepare an appropriate response.

 

 

All posts Copyright (c) 2011 Kevin Freeman, All Rights Reserved

Previous post:

Next post: