By Kyle Bernat-Riddle · On March 30, 2017
Cyberattacks have become a standard, albeit costly operating risk for many modern organizations. As businesses leverage technological innovation for enhanced efficiency and optimization, they in turn expose themselves to increased economic and security related consequences. These breaches affect a wide range of organizations from financial institutions like J.P. Morgan Chase to defense contractors like Lockheed Martin. Moreover, breaches manifest themselves in a variety of forms and methodologies, making it increasingly cumbersome for organizations to develop effective security strategies.
Alongside their increasing complexity, the economic impact of cyber breaches continues to intensify as most organizations become increasingly optimized for tech-space. Experts from Marsh & McLennan’s Global Risk Centre predict that compromised Information Technology systems cost the global economy approximately $445 billion (USD) in 2014[SF1] with future financial loss from cybercrime attaining $2.1 Trillion (USD) in 2019. The sheer economic magnitude of the problem emphasizes the powerful impacts of cyberattacks in challenging modern institutional strength, coordination and regulation.
In response to these increasing threats, modern organizations have begun treating cyberattacks as a standard operating risk. This is especially true in the financial industry, which is heavily reliant on proprietary technologies for algorithmic trading. Financial institutions have increasingly employed High Frequency Trading algorithms (HFT’s) to make rapid trades in an effort to both front run investors and exploit market arbitrage opportunities through the reliance on real time information in making allocation decisions. This information is often provided by computational data-mining systems that evaluate news sources and social media outlets for information on potential opportunity and volatility. However, the entirety of the software’s analysis is conducted in nanoseconds, leaving limited opportunity for data validation, thus exposing algorithms to the risk of acting on inaccurate information.
Information integrity in high frequency trading has become especially important due to new United States Security & Exchange Commission (S.E.C.) regulation surrounding the release of corporate information on alternative platforms. In 2013, the Commission ruled that companies are permitted to post news on social-media sites so long as investors were notified ahead of the release of pertinent information. As a result, the use of social-media sites as valid news sources has become an increasingly common feature of many HFT algorithms and other industry data analytics software. For example, after the announcement, companies such as Bloomberg Professional Service began integrating Twitter and other social media feeds into their data collection software, ultimately resulting in HFT trading algorithms relying heavily on social media information in their search for advantages in the market.
Just one month after the SEC announcement, it became clear that the consequences of breaches in data integrity associated with using such sources were vastly underestimated. When hackers hijacked the Associated Presses (AP) Twitter account, and falsely reported an attack on the White House that left President Barack Obama injured, the Dow Jones Industrial index lost 145 points, while $136.6 Billion USD was wiped from Standard & Poor’s 500 Index over the course of two minutes. Although, the markets stabilized by the end of the trading day, the ‘flash crash’ attests to how susceptible capital markets are to false information. Once one algorithm begins to liquidate volatile assets in search of more stable investment instruments, other institution’s algorithms have a tendency to follow suit in a domino-like pattern. The ever evolving application of technology in the trading environment fosters an unprecedented challenge for regulatory bodies. Organizations such as the S.E.C. and the Investment Industry Regulatory Organization[SF2] (IIROC) in Canada must become increasingly apt at implementing regulations and suggestions pertaining to the electronic security of investment infrastructure.
On an all-encompassing scale, attacks on Critical Infrastructure have the ability to render a complete failure of a nation’s economy. Public Safety Canada defines Critical Infrastructure as the systems and facilities that are essential to the health, safety, security or economic well-being of a population and its governing body. In 2010, International Atomic Energy Agency (IAEA) inspectors at the Natanz Enrichment Facility in Isfahan Province, Iran were perplexed by the continuous failure of centrifuges at the plant. After the crashing and rebooting of a series of computers at the facility, a Belarusian IT Security Firm was contracted to trouble shoot the system. The firm’s investigation found a 500-kilobyte malware worm within certain computer systems at the facility. The malware package infiltrated computer systems running the Window’s Operating System and Siemens Step7 software. Siemens Step7 is prevalent in many industrial computing systems often serving as a dam and power plant control system. Through the Step7 software, the malware was able to access the system’s logic controllers, leading the worm’s creators to operate machinery at the facility and access critical information. The worm that was found at the Natanz facility became commonly referred to as Stuxnet, the world’s first cyber-weapon. Although the Iranians insisted that the virus only caused minor issues, such malware has the ability to allow foreign enemies to control integral components to a country’s critical infrastructure, leaving countries’ essential services vulnerable to outside interference. Countries are now facing credible cyber risks for events such as melt downs at nuclear facilities and floods at a major dam sites. Such events have the ability to cause both unprecedented economic losses and may very well play a role in future geopolitical conflicts.
The recent United States Presidential Election serves as a testament to the importance of cybersecurity in protecting national interests. After orders for a comprehensive electoral investigation were issued by President Barack Obama, American intelligence analysts concluded that the Russian Federation intervened in the 2016 election to assist President-elect Trump in winning the Presidency. Citing American officials briefed on the matter, the Washington Post reported that American intelligence operatives had identified individuals with connection to the Russian Government as being the source of thousands of hacked Democratic National Committee (DNC) correspondences leaked to WikiLeaks. The release of these internal emails caused significant embarrassment to both the DNC and the Clinton Campaign, shedding light on the ideological fracture in between the Clinton and Sanders camps.
Allowing a foreign state actor to influence the course of electoral due process undermines the core founding principles of modern western civilization. Turning a blind eye to such events sets a dark and dangerous precedent for the long-term viability of the underlying principles associated with democratic governing institutions. Ensuring elections are facilitated in an ethical and equitable manner should be the foremost priority of any constitutionally bound nation. As technology becomes increasingly synonymous with daily life, the need to protect our sovereign interests from cyber threats becomes increasingly paramount. War in cyberspace appears to be the next progression in the evolution of global conflict.
The importance of cybersecurity and data integrity to national and economic interests cannot be underestimated. ‘Flash Crashes’, Iranian nuclear plant failures, and foreign espionage in the American Presidential Election illustrate how inadequate cybersecurity can lead to unprecedented economic losses and potential geopolitical conflict. Moving forward, it is essential for security agencies to work collaboratively with the private sector and critical infrastructure sectors to monitor and prevent attacks to their systems. Additionally, governments must form clear cut directives that task specific agencies with the management of cyber threats. Being able to protect corporations and national institutions from cyber-attacks will be essential to maintaining the sacred values of Democracy and Capitalism into the next century and beyond.