Financial Industry to Engage in Cyberwar Drill This Summer
Banks and other financial services institutions are clamoring to participate in a cybersecurity drill designed to help them shore up their systems. How effective are cyberwar games in protecting against real-world threats, though? Missteps will occur despite this type of preparation, acknowledged NSS Labs' Ken Baylor, but "the community is rapidly learning from them."
A cyberdrill for financial services companies that was originally to be conducted on June 28 has drawn such a strong response that the organization sponsoring it has had to reschedule the event.
"Given the industry's robust interest in this program and the expanding number of individuals who wish to participate, we are working to reschedule the exercise from June 28th to a little later this summer," Liz Pierce, spokesperson for the Securities Industry and Financial Markets Association, told TechNewsWorld.
"We are doing this at the industry's request, as it will enable us to accommodate more participation in the program," Pierce said.
The exercise will likely be pushed back to July.
Everybody Wants To Play
About 50 participants from banks, the U.S. Department of Homeland Security, the Securities and Exchange Commission, the Department of the Treasury, and other organizations had signed up by Tuesday.
Participants from companies, which paid between US$1,000 and $10,000 depending on their size, will log on from their offices to a closed system developed by DHS, SIFMA Vice President Karl Schimmeck told TechNewsWorld.
The exercise "will simulate a systemic cyberattack on the financial system. Both individual firms and the sector as a whole will be able to test their response plans to ensure orderly markets and protect clients," he said.
Participants in Quantum Dawn 2 will coordinate with corporate and government partners by phone and email to fend off incoming attacks.
The exercise "will focus on coordination and communication surrounding decision-making at both the individual and firm level," Schimmeck said. It is less focused on individual systems testing.
"This is a very focused exercise, with buy-in from all the key players," Ken Baylor, a research vice president at NSS Labs and former vice president of security and antifraud at Wells Fargo, told TechNewsWorld. "The exercise will be very realistic and the lessons learned applicable."
Quantum of Solace
Quantum Dawn 2 is the second such exercise held for the financial industry. SIFMA will use the second-generation version of DECIDE-FS, an exercise tool developed by Cyber Strategies. The first-generation version was used in Quantum Dawn 1, held in 2011.
Cyber Strategies designs and delivers cyber exercises. It designed the initial cyberelements of the U.S. Top Officials Exercise in 2002.
The company also led the design and execution of the first U.S. national cyberexercise in 2003, which involved critical infrastructures, as well as federal, state and local agencies.
Cyber Strategies' policy bars discussion of projects until "well after they are complete," company director Andy Cutts told TechNewsWorld.
Are Cyberkatas Good Enough?
Real-life financial industry systems consist of multiple high-speed computers linked over fiber-optic lines that conduct millions of transactions a minute, and the question might arise as to whether a limited closed system can actually mirror the speed, complexity, and number and variety of inputs a financial company's computers manage.
"The financial industry takes the issue of cybersecurity very seriously and is proactively working to mitigate this threat," Schimmeck stated. "SIFMA is holding this exercise to enable both individual firms and the sector as a whole to test their response plans in order to maintain effective and orderly markets and protect clients."
Knight Capital almost went bankrupt after a computer glitch led its trading system to make multiple errant trades, costing it $460 million in 30 minutes. That error was similar to a scenario demonstrated in Quantum Dawn 1, which had been held nine months earlier.
That shouldn't cast doubt on cyberexercises, however, argued NSS Labs' Baylor.
While missteps and incidents occur and will likely do so again in the future, "the community is rapidly learning from them and is now actively drilling to mitigate future damage," he said. "Management now understands the potential carnage of an errant system and is enabling incident response teams to monitor, understand and mitigate issues faster."