About 50 institutions — including banks like JPMorgan Chase (JPM, Fortune 500) and Bank of America (BAC, Fortune 500) — participates in the exercise, called “Quantum Dawn 2.” To take part in the drills, each of the participating institutions will be running software developed by Cyber Strategies, a Northfield, Vt., firm that specializes in making cyber exercise software for financial institutions. Karl Schimmeck, SIFMA’s vice president of financial services operations, declined to share specifics of what exactly the simulated threats would look like, but similar drills in the past have looked like a giant, computerized version of roleplaying game Dungeons and Dragons.<\/p>\n","protected":false},"excerpt":{"rendered":"
An employee sitting at his desk might get a prompt saying, “this bank is having integrity issues with money,” or “you cant make trades over this technical system.” The employee then might role-play talking to an FBI agent — likely an actual one enlisted to help with the drill, said Dave Aitel, CEO of the security firm Immunity, who formerly worked as a research scientist for the National Security Agency.<\/p>\n
<\/p>\n
The financial sector is hoping to prepare itself for a massive, disruptive attack — a growing concern lately, as “hacktivists,” organized cybercriminals and government-spnosored attacks become increasingly large and successful. Though still a far-off doomsday scenario, some security industry experts say the financial sector is vulnerable to cyber-terrorists aiming to damage the U.S. economy. That’s because banks and other financial institutions have to do deal with money flows in real time, with markets hanging in the balance.<\/p>\n
<\/p>\n
Though some skeptical security experts dismissed Quantum Dawn as a PR stunt, SIFMA said the first run was useful in uncovering flaws in the industry’s cyberattack protocols. The trade group found that banks were largely good at sharing information with one another, but bad at making real-time critical decisions for mitigating the threats.<\/p>\n