Last week the Securities Industry and Financial Markets Association (SIFMA) held the fifth in a series of exercises aimed at simulating a catastrophic cybersecurity event in the banking sector. Known as “Quantum Dawn”, the exercise provides an annual insight into the biggest risks faced by the financial services industry. It also demonstrates how such a major cyber disaster might progress. A report from CNBC outlined what happened.
As the report explains, for the first time, Quantum Dawn included participants from outside the U.S., with financial institutions from Europe and Asia taking part. This year’s scenario involved a targeted ransomware attack affecting major banks around the world, starting in the U.S. and moving across Asia and to the U.K. It targeted the biggest financial institutions in those regions, taking critical elements of the world’s financial system offline.
The exercise – which took the form of a conference call – involved around 800 participants from large banks, regulators and other financial organisations in 12 countries. Starting on the morning of November 7, it was based on an attack on a major but unnamed U.S. company – one designated as “too big to fail” by regulators.
After the close of the U.S. stock market, the institution was attacked by ransomware and knocked offline. The initial scenario was followed by a number of questions and a discussion of the rules around public disclosure of the incident and how the wider financial industry would coordinate and share information.
The scenario concluded with the ransomware migrating back to the U.S., where it then affected a financial market utility responsible for facilitating payment and settlement activity in the U.S. In this case the participants described how they could mitigate the impact to keep funds flowing and accounts being settled. Indeed, it seems that the main focus of those involved in the overall scenario was communication – internal (to executives and staff) and external (to clients).
In the wake of this exercise, SIFMA will work with Protiviti, a risk and compliance consulting firm, to examine the behaviour and performance of the organisations involved. They will then issue a public report with observations and recommendations.