http://www.computerworld.com/securitytopics/security/story/0,10801,95765,00.html By Dan Verton SEPTEMBER 08, 2004 COMPUTERWORLD WASHINGTON -- With the third anniversary of the Sept. 11, 2001, terrorist attacks approaching this weekend, senior Wall Street executives today outlined for Congress unprecedented security measures that continue to be revised and improved to withstand what the government fears is an ongoing effort by al-Qaeda to disrupt the U.S. economy. Appearing at a House Financial Services committee hearing today, senior government officials and executives from key financial institutions in lower Manhattan described in startling detail the efforts that continue to go into bolstering physical and cyber security for the nation's critical financial trading systems. The Department of Homeland Security raised the terrorist threat level to Code Orange on Aug. 1 for financial companies in New York, New Jersey and Washington. Since the 9/11 attacks, the New York Stock Exchange has spent more than $100 million to bolster physical and cyber security and improve redundancy and business continuity, said Robert G. Britz, president and co-chief operating officer of the NYSE. Among the improvements are a new contingency trading floor, an expansion of the emergency command center operated by Securities Industry Automation Corp. (SIAC), a remote network operations center, an ongoing effort to establish a remote national market system data center, and modifications allowing trading systems to accept four-character symbols, thereby providing backup for the Nasdaq stock market. The most far-reaching security precautions, however, were undertaken in the area of physical security for both key personnel and critical data centers, said Britz. In addition to mandating that a certain percentage of personnel work off-site at any given time, the NYSE has worked with New York City officials to reroute bus traffic around its data centers, hired a 24-hour New York Police Department security detail for all data centers and deployed a geographically dispersed fiber-optic routing backbone. That backbone would allow equity brokers to maintain connections to the markets in the event of another 9/11-type of attack. Called the Secure Financial Transaction Infrastructure (SFTI), it connects more than 600 financial services firms. Pronounced "safety," SFTI is a private extranet that provides continuous telecommunications and a secure means of connecting to trading, clearing and settlement, market data distribution and other SIAC services, Britz said. Instead of running circuits directly to SIAC, users connect to multiple access centers via their carrier of choice, eliminating the need to rely on a single telecommunications route, he said All of SFTI's equipment, connections, power supplies, network links and access centers are redundant, and its architecture features independent, self-healing fiber-optic rings making it independent of all other telecommunications circuits and conduits, according to Britz. "Therefore, even if one SFTI fiber pathway is compromised, financial data traffic will continue to move uninterrupted along another pathway, improving the industry's protection against possible threats," Britz said at the hearing. The NYSE and SIAC also recently completed work on a remote network operations center (RNOC) that Britz said will be in operation by the fourth quarter of this year. The RNOC will allow NYSE officials to monitor and operate the data centers and will support the SFTI network as well as the computer systems comprising the Intermarket Trading System, the Consolidated Trade System, the Consolidated Quotation System and the Options Price Reporting Authority. SIAC is also building a remote data center that will be in operation by the second quarter of 2005 and will support of the Consolidated Tape and Consolidated Quotation (CT/CQ) systems and the Options Price Reporting Authority. John R. Mohr, executive vice president of The Clearing House Association LLC (TCH), a global payment systems firm that clears and settles more than $1.5 trillion in trades per day, said his firm hired a contractor to conduct both physical and cyber penetration tests. As a result of those tests, TCH reconfigured one of its key facilities, implemented biometric access-control systems and "all but eliminated visitor access to our operating centers." TCH also developed a tertiary data center in a remote region of the country that is fully equipped to take over operation of its Clearing House Interbank Payments System (CHIPS) within an hour of a simultaneous failure of the other two CHIPS data centers, said Mohr. Using custom mirroring software specially developed by TCH, CHIPS was able to overcome distance limitations of synchronous mirroring technology and achieve recovery times consistent with synchronous mirror sites, he said. Samuel H. Gaer, CIO of the New York Mercantile Exchange, said all essential employees at his organization have been issued cell phones with two-way radio capability, portable two-way e-mail devices -- some of which can be used to make emergency phone calls -- and laptops with remote connection software and cellular modem cards to wirelessly connect to exchange system resources anywhere cellular coverage is available. Despite these efforts to bolster physical security and network redundancy, Wayne A. Abernathy, assistant Treasury secretary for financial institutions, warned Congress that the financial sector is under constant electronic assault by both organized crime and unknown entities. "These assaults have progressed from computer hackers and pranksters into theft and now, we believe, on to schemes to disrupt the operations of our financial systems," he said. "Some of these attacks have their sources in organized crime [and] we believe that, increasingly, still more sinister actors are involved. The threat is not theoretical." _________________________________________ Donate online for the Ron Santo Walk to Cure Diabetes - http://www.c4i.org/ethan.html
This archive was generated by hypermail 2.1.3 : Thu Sep 09 2004 - 04:35:34 PDT