Lawmakers want answers on exchange hack attacks

WASHINGTON/NEW YORK Tue Feb 8, 2011 3:20pm EST

WASHINGTON/NEW YORK (Reuters) - Senior lawmakers demanded answers on Tuesday from regulators and financial exchange operators about computer hacking attacks.

Already under investigation by the FBI, the attacks were acknowledged over the weekend by the operator of the Nasdaq Stock Market, Nasdaq OMX Group Inc. Its shares were down 3.2 percent in midafternoon trading.

News of the incursions came amid growing concern about the stability of high-speed, computerized trading systems that can drive wild market swings. A "flash crash" that occurred on May 6 of last year saw U.S. stock markets plunge 700 points within minutes.

"The world must have confidence in the technological security of our financial markets," said U.S. House Financial Services Committee Chairman Spencer Bachus and committee member Scott Garrett, both Republicans, in a joint statement.

The two sent a letter to Nasdaq OMX, other exchange groups, the Securities and Exchange Commission and the Commodity Futures Trading Commission seeking reassurances.

"At a time when investor confidence remains fragile, the hacking of a network that contains nonpublic, inside, material information that could be used illegally to gain a trading advantage is especially disconcerting," they said.

Nasdaq OMX was not immediately available for comment.

EXCHANGE PARENT FOUND 'SUSPICIOUS FILES'

Nasdaq OMX acknowledged in a statement on Saturday that it had found "suspicious files" on its U.S. computer servers and determined that hackers could have affected one of its Internet-based client applications. The FBI and forensic firms helped Nasdaq conduct the probe, which is ongoing.

The company said there was no evidence that the hackers obtained customer information or that any of the company's trading platforms were compromised. The files were found in a Web application called Director's Desk and have been removed.

The incident did not become public until The Wall Street Journal reported it late on Friday.

Eighteen percent of all U.S. stock trading last month took place on one of Nasdaq OMX's venues.

Sang Lee, a managing partner specializing in market structure at Boston consultancy Aite Group, said it was not surprising that hackers would be drawn to exchanges.

"After all, what better location than exchanges or financial services firms if they are looking for sensitive, potentially lucrative financial information?" he said.

"Something like this could also help slow down technology innovations, such as cloud computing, as concerns over security issues ... persist," he said.

U.S. Sen. Bob Menendez, a Democratic member of the Senate Banking Committee, also sent a letter to the SEC urging a closer look into the hacking incidents.

The SEC should "consider investigating the extent to which hacking can disrupt trading platforms, both at Nasdaq and other exchanges as well, and what steps can be taken," he wrote.

Bachus and Garrett asked for replies to their letter by February 28 from the regulators and exchange groups.

(Writing by Kevin Drawbaugh, editing by Matthew Lewis)