[ISN] For Wall Street, 9/11 lessons three years in the making

InfoSec News isn at c4i.org
Thu Sep 9 06:41:16 EDT 2004


By Dan Verton 
SEPTEMBER 08, 2004 

WASHINGTON -- With the third anniversary of the Sept. 11, 2001,
terrorist attacks approaching this weekend, senior Wall Street
executives today outlined for Congress unprecedented security measures
that continue to be revised and improved to withstand what the
government fears is an ongoing effort by al-Qaeda to disrupt the U.S.

Appearing at a House Financial Services committee hearing today,
senior government officials and executives from key financial
institutions in lower Manhattan described in startling detail the
efforts that continue to go into bolstering physical and cyber
security for the nation's critical financial trading systems. The
Department of Homeland Security raised the terrorist threat level to
Code Orange on Aug. 1 for financial companies in New York, New Jersey
and Washington.

Since the 9/11 attacks, the New York Stock Exchange has spent more
than $100 million to bolster physical and cyber security and improve
redundancy and business continuity, said Robert G. Britz, president
and co-chief operating officer of the NYSE.

Among the improvements are a new contingency trading floor, an
expansion of the emergency command center operated by Securities
Industry Automation Corp. (SIAC), a remote network operations center,
an ongoing effort to establish a remote national market system data
center, and modifications allowing trading systems to accept
four-character symbols, thereby providing backup for the Nasdaq stock

The most far-reaching security precautions, however, were undertaken
in the area of physical security for both key personnel and critical
data centers, said Britz. In addition to mandating that a certain
percentage of personnel work off-site at any given time, the NYSE has
worked with New York City officials to reroute bus traffic around its
data centers, hired a 24-hour New York Police Department security
detail for all data centers and deployed a geographically dispersed
fiber-optic routing backbone. That backbone would allow equity brokers
to maintain connections to the markets in the event of another
9/11-type of attack. Called the Secure Financial Transaction
Infrastructure (SFTI), it connects more than 600 financial services

Pronounced "safety," SFTI is a private extranet that provides
continuous telecommunications and a secure means of connecting to
trading, clearing and settlement, market data distribution and other
SIAC services, Britz said. Instead of running circuits directly to
SIAC, users connect to multiple access centers via their carrier of
choice, eliminating the need to rely on a single telecommunications
route, he said

All of SFTI's equipment, connections, power supplies, network links
and access centers are redundant, and its architecture features
independent, self-healing fiber-optic rings making it independent of
all other telecommunications circuits and conduits, according to

"Therefore, even if one SFTI fiber pathway is compromised, financial
data traffic will continue to move uninterrupted along another
pathway, improving the industry's protection against possible
threats," Britz said at the hearing.

The NYSE and SIAC also recently completed work on a remote network
operations center (RNOC) that Britz said will be in operation by the
fourth quarter of this year. The RNOC will allow NYSE officials to
monitor and operate the data centers and will support the SFTI network
as well as the computer systems comprising the Intermarket Trading
System, the Consolidated Trade System, the Consolidated Quotation
System and the Options Price Reporting Authority.

SIAC is also building a remote data center that will be in operation
by the second quarter of 2005 and will support of the Consolidated
Tape and Consolidated Quotation (CT/CQ) systems and the Options Price
Reporting Authority.

John R. Mohr, executive vice president of The Clearing House
Association LLC (TCH), a global payment systems firm that clears and
settles more than $1.5 trillion in trades per day, said his firm hired
a contractor to conduct both physical and cyber penetration tests. As
a result of those tests, TCH reconfigured one of its key facilities,
implemented biometric access-control systems and "all but eliminated
visitor access to our operating centers."

TCH also developed a tertiary data center in a remote region of the
country that is fully equipped to take over operation of its Clearing
House Interbank Payments System (CHIPS) within an hour of a
simultaneous failure of the other two CHIPS data centers, said Mohr.  
Using custom mirroring software specially developed by TCH, CHIPS was
able to overcome distance limitations of synchronous mirroring
technology and achieve recovery times consistent with synchronous
mirror sites, he said.

Samuel H. Gaer, CIO of the New York Mercantile Exchange, said all
essential employees at his organization have been issued cell phones
with two-way radio capability, portable two-way e-mail devices -- some
of which can be used to make emergency phone calls -- and laptops with
remote connection software and cellular modem cards to wirelessly
connect to exchange system resources anywhere cellular coverage is

Despite these efforts to bolster physical security and network
redundancy, Wayne A. Abernathy, assistant Treasury secretary for
financial institutions, warned Congress that the financial sector is
under constant electronic assault by both organized crime and unknown

"These assaults have progressed from computer hackers and pranksters
into theft and now, we believe, on to schemes to disrupt the
operations of our financial systems," he said. "Some of these attacks
have their sources in organized crime [and] we believe that,
increasingly, still more sinister actors are involved. The threat is
not theoretical."


More information about the ISN mailing list