At the end of 2015, our financial services industry friends — foreign exchange (forex) brokers, traders, trading platform developers and financial technology companies — were hit by a tsunami of DDoS attacks.
Luckily the DDoS or Distributed Denial of Service attacks that recently shut down more than a few financial and forex trading sites are pretty crude. Says futurist Ted Gordon, “DDoS hackers have been around for a long time. They simply send so much data at one time that they are able to overwhelm the system and bring it, and customer access, to a screeching halt.”
The defense: build a bigger pipe.
For example, FCM360 (www.fcm360.com), a secure ecommerce network provider and managed cloud hosting service, increased all of its upstream ISP bandwidth to repel attacks of up to 20 Gigabits per second internally.
“Additionally FCM360 contracted with security providers to increase its DDoS prevention capability to over 300 Gigabits per second in New York and London. This means we can withstand and mitigate nearly all current DDoS threats targeting the financial services and e-commerce industry,” says Jubin Pejman, managing director.
But Gordon, whose clients have included NATO and other international government entities, says that while DDoS attacks can be repelled “by building a bigger pipe, I worry about the future when a sophisticated lone-wolf SIMAD terrorist decides to penetrate the financial sector or the power grid for that matter.”
SIMAD stands for Single Individual Massively Destructive.
Gordon, the lead author of “Lone Wolf Terrorism Prospects and Potential Strategies to Address that Threat,” sees us “in a race between the destructive capacity of an individual who can inflict harm on the level of, say, putting out all the lights on the Eastern seaboard, and the tools of detection and interdiction that might be available to thwart such efforts.”
To detect and stop such individuals, Gordon believes an algorithm, using data from many different sources, will be developed to assess terrorism risk. The algorithm will produce a “risk number” similar to FICO scores that are based on debt collection and payment information and use a complex formula to determine an individual’s credit risk. “The terrorism database will be much larger, include more factors and, if proven statistically and used cautiously, could serve as a predictor of terrorism risk,” says Gordon.
“The data are likely to use facial recognition in new ways. For example, as someone enters the US, his or her passport photo might be matched to photos from a security camera near a restaurant in Brussels that is a known hangout for terrorists and shows the individual meeting with suspected terrorists.”
He added that law enforcement can also be expected to penetrate trading and ecommerce systems to test for reactions. This can include “fake trades” to learn whether our financial systems can withstand a large scale, sophisticated attack. Sources say TJX, for example, didn’t know its computer system had been breached until the FBI alerted the company. And, even after the company swept its system, hackers were able to leave behind a small bit of undetected code that continued to pirate credit card information.
Though sophistication and risk of devastation may increase, motivations will remain pretty much the same: “Greed, terror, or just proving one can break in to cause embarrassment,” says Gordon.
What does this mean for the public relations advisor and crisis manager?
As PR pros we have to be astute observers of the shifting balance between organizational transparency, access, civil liberties, and public safety. In times of stress or fear the pendulum can swing toward putting safety above constitutional protections. PR pros need to caution clients against overreach. When the pendulum swings back the organization will face legal and public perception backlash.
One of the most fragile and perhaps outdated systems we have is the power grid. Could terrorists or a foreign power take down our electric grid, as Ted Koppel speculates in a new book, Lights Out: A Cyberattack, a Nation Unprepared, Surviving the Aftermath? Despite our best efforts to protect our own systems and data, an attack against the power grid will eventually bring down all our access to information and communication.
Think low tech too.
While you may have set up terrific communication systems that take full advantage of Twitter and other social media outlets to instantly respond to customer concerns, community worries and employee needs, what do you do if the power grid is down or your data center is flooded? Make sure your disaster plan includes essential elements. Maintain a paper notebook with key political, senior management and media phone numbers and addresses. Establish a prearranged off-site meeting place for management and essential employees in the event of a major disaster. Make sure folks know how to initiate a pyramid alert plan. Have at least one hardwired phone that does not depend on an outside source of electricity as phone lines may be operative during an outage.
Pirozzolo Company Public Relations advises: one of the biggest mistakes corporate chiefs make during a disaster is to respond to media questions that are outside the scope of the organization's responsibility. If the building is ablaze, flooded, or a violent crime has been committed on premises or the FBI is investigating a cyber attack, let public safety and law enforcement officials respond to the immediate media questions. There will be ample time for a thoughtful response to the media on how the company will recover and what protections will be put in place to prevent a recurrence. Learn some simple deflections such as, "The FBI is involved, and we do not want to jeopardize their investigation," or "Let's focus on the fire department getting the blaze under control, I'm glad all our people got out without injury," or, "An arrest has just occurred and, in the interest of protecting the privacy of our employees, please direct your questions to local law enforcement."