Senior Wall Street executives have outlined for Congress
unprecedented security measures that continue to be revised and
improved to withstand what the government fears is an ongoing
effort by al-Qaeda to disrupt the US economy.
Appearing at a House Financial Services committee hearing,
senior government officials and executives from key financial
institutions in lower Manhattan described in startling detail the
efforts that continue to go into bolstering physical and cyber
security for the nation's critical financial trading systems.
The Department of Homeland Security raised the terrorist threat
level to Code Orange on 1 August for financial companies in New
York, New Jersey and Washington.
Since the 9/11 attacks, the New York Stock Exchange has spent
more than $100m (£56m) to bolster physical and cyber security and
improve redundancy and business continuity, said Robert G Britz,
president and co-chief operating officer of the NYSE.
Among the improvements are:
- A new contingency trading floor
- An expansion of the emergency command centre operated by
Securities Industry Automation (SIAC)
- A remote network operations centre
- An ongoing effort to establish a remote national market system
datacentre, and
- Modifications allowing trading systems to accept four-character
symbols, thereby providing backup for the Nasdaq stock
market.
The most far-reaching security precautions, however, were
undertaken in the area of physical security for both key personnel
and critical datacentres, said Britz.
In addition to mandating that a certain percentage of personnel
work off-site at any given time, the NYSE has worked with New York
City officials to reroute bus traffic around its datacentres, hired
a 24-hour New York Police Department security detail for all
datacentres and deployed a geographically dispersed fibre-optic
routing backbone.
That backbone would allow equity brokers to maintain connections
to the markets in the event of another 9/11-type of attack. Called
the Secure Financial Transaction Infrastructure (SFTI), it connects
more than 600 financial services firms.
SFTI is a private extranet that provides continuous
telecommunications and a secure means of connecting to trading,
clearing and settlement, market data distribution and other SIAC
services, Britz said.
Instead of running circuits directly to SIAC, users connect to
multiple access centres via their carrier of choice, eliminating
the need to rely on a single telecommunications route, he said
All of SFTI's equipment, connections, power supplies, network
links and access centres are redundant, and its architecture
features independent, self-healing fibre-optic rings making it
independent of all other telecommunications circuits and conduits,
according to Britz.
"Therefore, even if one SFTI fibre pathway is compromised,
financial data traffic will continue to move uninterrupted along
another pathway, improving the industry's protection against
possible threats," Britz said.
The NYSE and SIAC also recently completed work on a remote
network operations centre (RNOC) that Britz said will be in
operation by the fourth quarter of this year. The RNOC will allow
NYSE officials to monitor and operate the datacentres and will
support the SFTI network as well as the computer systems comprising
the Intermarket Trading System, the Consolidated Trade System, the
Consolidated Quotation System and the Options Price Reporting
Authority.
SIAC is also building a remote datacentre that will be in
operation by the second quarter of 2005 and will support of the
Consolidated Tape and Consolidated Quotation (CT/CQ) systems and
the Options Price Reporting Authority.
John R Mohr, executive vice-president of global payment systems
firm The Clearing House Association (TCH), said his firm hired a
contractor to conduct both physical and cyber penetration tests. As
a result of those tests, TCH reconfigured one of its key
facilities, implemented biometric access-control systems and "all
but eliminated visitor access to our operating centres".
TCH also developed a tertiary datacentre in a remote region of
the country that is fully equipped to take over operation of its
Clearing House Interbank Payments System (CHIPS) within an hour of
a simultaneous failure of the other two CHIPS datacentres, said
Mohr.
Using custom mirroring software specially developed by TCH,
CHIPS was able to overcome distance limitations of synchronous
mirroring technology and achieve recovery times consistent with
synchronous mirror sites, he said.
Samuel H Gaer, CIO of the New York Mercantile Exchange, said all
essential employees at his organisation have been issued cell
phones with two-way radio capability. They also have portable
two-way e-mail devices - some of which can be used to make
emergency phone calls - and laptops with remote connection software
and cellular modem cards to wirelessly connect to exchange system
resources anywhere cellular coverage is available.
Despite these efforts to bolster physical security and network
redundancy, Wayne A Abernathy, assistant Treasury secretary for
financial institutions, warned Congress that the financial sector
is under constant electronic assault by both organised crime and
unknown entities.
"These assaults have progressed from computer hackers and
pranksters into theft and now, we believe, on to schemes to disrupt
the operations of our financial systems," he said. "Some of these
attacks have their sources in organised crime and we believe that,
increasingly, still more sinister actors are involved. The threat
is not theoretical."
Dan Verton writes for Computerworld