TREASURE TROVE OF DATA
Former Deputy Defense Secretary William Lynn said cyber attacks could prove particularly devastating for financial institutions given the critical importance of the data stored on their networks and the need to maintain investor confidence in their security.
"You can't do transactions if you don't have reliable data," Lynn, who spearheaded the Pentagon's national cyber strategy released this summer, said in an interview.
He said more than 100 countries already have some hacking capabilities, and such tools could soon be available to rogue groups.
"You ultimately have to worry about terrorist groups gaining those capabilities, either by developing them themselves or just buying them on the open market," said Lynn, who retired earlier this month.
The NSA's work with Wall Street marks a milestone in the agency's efforts to make its cyber intelligence available more broadly to the private sector. For years, the spy agency kept such a low profile that some joked that its name stood for "No Such Agency" or "Never Say Anything." [ID:nS1E78J19N]
Greater cooperation with industry became possible after a deal reached a year ago between the Pentagon and the Department of Homeland Security, allowing NSA to provide cyber expertise to other government agencies and certain private companies.
Several people familiar with the NSA's assistance to Wall Street said the agency only gets involved when banks specifically ask for its help, so as not to violate laws that restrict its ability to operate within U.S. borders. These institutions get warnings about potential attacks and can ask questions on specific problems.
The NSA and big arms makers have a treasure trove of data on hacking, including intelligence on planned attacks and libraries of malicious software code used by foreign-government supported hackers that are not available elsewhere.
Such intelligence can be "gold" to a bank's security staff, said Shane Sims, a director in the forensics practice of PricewaterhouseCoopers.
"You can cash it in," said Sims, who is investigating attacks on several banks believed to be orchestrated by foreign governments. "It just allows you to turn your environment into an early warning system so you can intercede and take action before information goes out the door."
Banks need help from the NSA because they cannot keep up with increasingly sophisticated attacks just by using technology from traditional software security firms, experts say.
About eight out of ten Wall Street firms have been infiltrated by foreign-government backed hackers, according to Tom Reilly, who helps investment banks fight hackers in his role as the head of Hewlett-Packard Co's <HPQ.N> security business.
Hemanshu Nigam, a former federal prosecutor and cyber security expert, said enemy states could launch a cyber assault when their targets were particularly vulnerable. This could be during a major crisis, such as the financial crisis in 2008, the euro zone crisis now, or at the time of a key event such as the U.S. loss of its triple-A credit rating this summer.
Investors are already worried about how quickly markets can meltdown, as trading is almost completely electronic and reliant on hair-trigger software. The Dow Jones industrial average <.DJI> crashed nearly 700 points in about five minutes on May 6, 2010, an unprecedented plunge that regulators said was exacerbated by algorithmic trading, panic and vacuums of liquidity.
"What you're seeing is something that can cause a global tidal wave," said the cybersecurity expert Nigam, who had worked for News Corp <NWSA.O> and Microsoft Corp <MSFT.O>.
BANKS ALSO CONSULTING DEFENSE FIRMS
The NSA first started to worry about security of financial institutions about two years ago, and has held meetings with the Federal Reserve Bank of New York and banks to address those concerns, according to Jim Lewis, a cyber expert with the Center for Strategic and International Studies, a Washington-based think tank.
The New York Fed declined comment.
Lewis pointed the finger at China as a consistent threat. "Business espionage is a normal practice for Chinese businesses and for (government) agencies," he said.
U.S. financial institutions have also sought assistance from private defense contractors that help the U.S. government build cyber weapons and tools for defending military networks.
Companies such as Lockheed, General Dynamics Corp <GD.N>, Boeing Co <BA.N>, Northrop Grumman Corp <NOC.N> and Raytheon Co <RTN.N> are now competing with traditional security vendors to serve corporate America, including banks.
Defense industry executives say big Wall Street firms are asking arms makers for help in locking down critical data, including the algorithms used for trading shares, currencies and commodities.
"Other sectors are becoming increasingly concerned about such attacks and want to learn more about how we protect our data," said one defense industry executive, whose company has already worked with power companies and is now negotiating agreements with several major financial firms.
Earlier this year, the hacking of EMC Corp's <EMC.N> RSA security division underscored the growing sophistication of hackers. RSA provides SecurID keys used by companies all over the world.
The hackers, likely backed by a foreign government, used data from the RSA breach, coupled with personal identifying information gleaned from other attacks, to break into Lockheed's computer networks. [ID:nL5E7LB13W]
Erin Nealy Cox, a former U.S. federal computer crimes prosecutor, said she tells banks that it's only a matter of time before their systems are breached.
"Our advice to our clients is -- it's not a matter of if, it's a matter of when," said Nealy Cox, managing director at Stroz Friedberg LLC. "We don't want to give anybody a false sense of security." (Reporting by Andrea Shalal-Esa and Jim Finkle, additional reporting by Tim McLaughlin in Boston, and Diane Bartz in Washington. Editing by Tiffany Wu and Martin Howell)
Our Standards: The Thomson Reuters Trust Principles.
