After numerous hacking campaigns and several high-profile arrests, companies are increasingly going on the defensive, and some have even pushed to be allowed to bring the fight to their attackers. On Wall Street, industry group SIFMA is trying to help banks figure out what they would do in case of a large-scale cyber attack — with a simulation called "Quantum Dawn 2." As Reuters reports, the Quantum Dawn 2 test will set participants up in a kind of trading sandbox, where they'll be assailed with transaction slowdowns or other signs that could indicate an attack.
Each participating firm will task three executives with managing a response, whether that means trying to neutralize the attack or modify how they trade to minimize its impact. They'll also need to coordinate with other companies to figure out what's going on and how to fix it. "Our members will say, ‘We think we see a threat out there, this is something multiple firms are dealing with,'" said SIFMA's Karl Schimmeck. "We will facilitate a conference call where we share what we know, have our regulators participate and see if we can understand a threat, deal with a threat and then do a shared analysis so that no one is working on their own."
Quantum Dawn 1 put armed gunmen in Lower Manhattan
Quantum Dawn 2 follows a 2011 program named, naturally, Quantum Dawn. As Schimmeck describes it, Quantum Dawn 1 "was a cyber attack coordinated with armed gunmen running around Lower Manhattan, trying to gain entry to the exchanges and really just try to blow things up." An evaluation of the exercise found that companies often weren't used to coordinating with each other on incidents, and that it was difficult to make decisions in the fast-moving trading environment.
This time around, there will be no guns. But instead of meeting in a single room, executives will work in their own offices, as they would be in a real incident. They'll need to use phones or email to communicate, something SIFMA hopes will create a "fog of war" around the proceedings. The test will also give participants more options than the original run, allowing them to investigate the problem and use that information to make further decisions. The greatest fog, however, may be around Quantum Dawn's name: even Schimmeck tells Reuters he has "no idea" where it came from.