Wall Street to Undergo Cyber Readiness
July 17th, 2013
This Thursday, beginning at around 8.30 a.m. and lasting through Friday morning, dozens of major Wall Street firms will come under a series of massive cyberattacks aimed at crippling financial services networks around the country, reports Computerworld.
No cause for alarm, cites the report, as the attacks will simply be a drill, codenamed Quantum Dawn 2. The effort is designed to test cyber incident response and coordination capabilities within the U.S. financial services sector.
Coordinated by the Securities Industry and Financial Markets Association (SIFMA), the mass drill will involve about 50 organizations, including large financial firms, exchanges, the U.S. Treasury Department, the Department of Homeland Security, and the FBI.
The report states that incident response teams from each organization will work from their facilities to respond to the simulated attacks and mitigate them in a coordinated fashion, according to a SIFMA spokeswoman. Participants in the exercise only know that the drill is being carried out, but have not been briefed on any specifics.
“This is not a Pass/Fail drill,” she said. “The goal is to provide firms an opportunity to test their responses and to ensure that they are in the best position to mitigate.”
For the exercise, SIFMA will use a tool called the Distributed Environment for Critical Infrastructure Decision-making Exercises—Finance Sector (DECIDE-FS) from Cyber Strategies, a security services vendor based in Northfield, VT.
DECIDE-FS is basically a massively multiplayer online role-playing game in which players work together to try and keep financial services and transactions running normally amid a stream of simulated cyber attacks.
To begin, participants login to a common DECIDE-FS server and launch the exercise, which will then proceed as a “series of events within time intervals planned by the exercise controller,” according to description of the technology by Cyber Strategies. Each participant in the exercise will make independent decisions, each of which in turn will have a negative or positive consequence attached to it.
This is the second time Wall Street firms have subjected themselves to a similar large-scale cyber exercise in recent years.
The Financial Services Sector Coordinating Council (FSSCC) led a similar exercise, code named Quantum Dawn in November 2011. That exercise, designed by Norwich University’s Applied Research Institute, involved simulated cyberattacks as well as simulated physical attacks involving armed gunmen, against critical financial services targets.
The scenario in the first exercise involved attacks aimed at corrupting publicly reported stock prices and trades and also loss of availability of the National Market System, which is used in over-the-counter trading. The exercise showed that while the financial services sector had good plans and procedures for sharing information, its members were less coordinated when making critical decisions such as closing markets in the face of a massive cyberattack.
With Quantum Dawn 2, the focus is on evaluating cyber incident response readiness only and will not involve a physical element, the spokeswoman said. SIFMA will provide feedback on how well participants did on the drills in a few weeks, she added.
The cyber attack exercise comes at an important moment for the financial industry. In recent months, many of the nation’s largest banks, including Wells Fargo, JP Morgan Chase, Bank of America and U.S. Bancorp have been pummeled by massive distributed denial of service (DDoS) attacks.
The attacks have been notable because of their sophistication and persistence. Security firms such as Prolexic, which specializes in helping companies mitigate DDoS attempts, have noted how some attacks generated magnitudes more DDoS traffic than anything seen before.
Many believe the attacks are being orchestrated by a state-sponsored entity or entities. An Iran-based group calling itself “Izz ad-Din al-Qassam Cyber Fighters” claimed responsibility for some of the early attacks. But security experts feel certain that others are involved as well.