WASHINGTON – The government’s top U.S. electronic intelligence service has joined a probe of the October cyberattack on Nasdaq OMX Group Inc. amid evidence the intrusion by hackers was more severe than first disclosed, according to people familiar with the investigation.
The involvement of the National Security Agency, which uses some of the world’s most powerful computers for electronic surveillance and decryption, may help the initial investigators — Nasdaq and the FBI — determine more easily who attacked and what was taken. It may also show the attack endangered the security of the nation’s financial infrastructure.
“By bringing in the NSA, that means they think they’re either dealing with a state-sponsored attack or it’s an extraordinarily capable criminal organization,” said Joel Brenner, former head of U.S. counterintelligence in the Bush and Obama administrations.
The NSA’s most important contribution to the probe may be its ability to unscramble encrypted messages that hackers use to extract data, said Ira Winkler, a former NSA analyst and chief security strategist at Technodyne, a Wayne, N.J.-based information technology consulting firm.
The probe of the attack on the second-biggest U.S. stock exchange operator, disclosed last month, is also being assisted by foreign intelligence agencies, said one of the people, who declined like the others to be identified because the investigation is confidential and in some cases classified. One of the people said the attack was more extensive than Nasdaq previously disclosed.
Investigators have yet to determine which Nasdaq systems were breached and why, and it may take months for them to finish their work, two of the people familiar with the matter said.
Disclosure of the attack prompted the House Financial Services Committee in February to begin a review of the safety of the country’s financial infrastructure, according to the committee’s chairman, Rep. Spencer Bachus, R-Ala.
The widening investigation may also complicate Nasdaq’s ability to strike deals to buy or merge with other exchanges at a time when several competitors have announced such moves, said Alexander Tabb, a partner at Tabb Group, a financial-markets research firm based in Westborough, Mass.
“For an organization like Nasdaq, it does have an impact on the overall perception of their security, their resiliency and their value,” Tabb said.
Nasdaq reported in February that the breach of its computers was limited to a single system known as Directors Desk, a product used by board members of companies to exchange confidential information. The company said that as far as investigators could determine, no data or documents on that system were taken.
The NSA-assisted probe is now focused on how far the attack may have reached.
Copy the Story Link
Send questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.