The attempt by Faisal Shahzad to detonate a car bomb in Times Square was notable not just for its failure but also the severely limited systemic impact a car-bomb could have, even when exploding in crowded urban center. Car-bombs or Vehicle-Borne IED’s have a long history (incidentally one of the first was the1920 ‘cart and horse bomb’ in Wall Street, which killed 38 people). VBIED’s remain deadly as a tactic within an insurgency or warfare setting but with regard to modern urban terrorism the world has moved on. We are now living within a highly virtualized system and the dizzying stock-market crash on the 6th May 2010shows how vulnerable this system is to digital failure. While the NYSE building probably remains a symbolic target for some terrorists a deadly and capable adversary would ignore this physical manifestation of the financial system and disrupt the data-centers, software and routers that make the global financial system tick.  Shahzad’s attempted car-bomb was from another age and posed no overarching risk to western societies. The same cannot be said of the vulnerable and highly unstable financial system.

Computer aided crash (proof of concept for future cyber-attack)

There has yet to be a definitive explanation of how stocks such as Proctor and Gamble plunged 47% and the normally solid Accenture plunged from a value of roughly $40 to one cent, based on no external input of information into the financial system. The SEC has issued directives in recent years boosting competition and lowering commissions, which has had the effect of fragmenting equity trading around the US and making it highly automated. This has created four leading exchanges, NYSE Euronext, Nasdaq OMX Group, Bats Global Market and Direct Edge and secondary exchanges include International Securities Exchange, Chicago Board Options Exchange, the CME Group and the Intercontinental Exchange. There are also broker-run matching systems like those run by Knight and ITG and so called ‘dark-pools’ where trades are matched privately with prices posted publicly only after trades are done. As similar picture has emerged in Europe, where rules allowing competition with established exchanges and known by the acronym “Mifid” have led to a similar explosion of types and venues.

To navigate this confusing picture traders have to rely on ‘smart order routers’ – electronic systems that seek the best price across all of the platforms. Therefore, trades are done in vast data centers – not in exchange buildings. This total automation of trading allows for the use of a variety of ‘trading algorithms’ to manage investment themes. The best known of these is a ‘Volume Algo’, which ensures throughout the day that a trader maintains his holding in a share at a pre-set percentage of that share’s overall volume, automatically adjusting buy and sell instructions to ensure that percentage remains stable whatever the market conditions. Algorithms such as this have been blamed for exacerbating the rapid price moves on May 6th. High-frequency traders are the biggest proponents of algos and they account for up to 60% of US equity trading.

The most likely cause of the collapse on May 6th was the slowing down or near stop on one side of the trading pool. So in very basic terms a large number of sell orders started backing up on one side of the system (at the speed of light) with no counter-parties taking the order on the other side of the trade. The counter-party side of the trade slowed or stopped causing this almost instant pile-up of orders. The algorithms on the other side finding no buyer for their stocks kept offering lower prices (as per their software) until they attracted a buyer. However, as no buyer’s appeared on the still slowed or stopped counter-party side prices tumbled at an alarming rate. Fingers have pointed at the NYSE for causing the slow down on one side of the trading pool as it instituted some kind of circuit breaker into the system, which caused all the other exchanges to pile-up on the other side of the trade.  There has also been a focus on one particular trade, which may have been the spark igniting the NYSE ‘circuit breaker’.  Whatever the precise cause, once events were set in train the system had in no way caught up with the new realities of automated trading and diversified exchanges.

More nodes same assumptions

On one level this seems to defy conventional thinking about security – more diversity greater strength – not all nodes in a network can be compromised at the same time. By having a greater number of exchanges surely the US and global financial system is more secure? However, in this case, the theory collapses quickly if thinking is switched from examining the physical to the virtual. While all of the exchanges are physically and operationally separate they all seemingly share the same software and crucially trading algorithms that all have some of the same assumptions. In this case they all assumed that because they could find no counter-party to the trade they needed to lower the price (at the speed of light). The system is therefore highly vulnerable because it relies on one set of assumptions that have been programmed into lighting fast algorithms. If a national circuit breaker could be implemented (which remains doubtful) then this could slow rapid descent but it doesn’t take away the power of the algorithms – which are always going to act in certain fundamental ways ie continue to lower the offer price if they obtain no buy order. What needs to be understood are the fundamental ways in which all the trading algorithms move in concert. All will have variances but they will all share key similarities, understanding these should lead to the design of logic circuit breakers.

New Terrorism

However, for now the system looks desperately vulnerable to both generalized and targeted cyber attack and this is the opportunity for the next generation of terrorists. There has been little discussion as to whether the events of last Thursday were prompted by malicious means but it certainly is worth mentioning. At a time when Greece was burning launching a cyber attack against this part of the US financial system would clearly have been stunningly effective. Combining political instability with a cyber attack against the US financial system would create enough doubt about the cause of a market drop for the collapse gain rapid traction. Using targeted cyber attacks to stop one side of the trade within these exchanges (which are all highly automated and networked) would, as has now been proven, cause a dramatic collapse. This could also be adapted and targeted at specific companies or asset classes to cause a collapse in price. A scenario where-by one of the exchanges slows down its trades surrounding the stock of a company the bad-actor is targeting seems both plausible and effective.

A hybrid cyber and kinetic attack could also cause similar damage – as most trades are now conducted within data-centers – it begs the question why are there armed guards outside the NYSE – of course if retains some symbolic value but security resources would be better placed outside of the data-centers where these trades are being conducted. A kinetic attack against financial data centers responsible for these trades would surely have a devastating effect.  Finding thelocation of these data centers is as simple as conducting a Google search.

In order for terrorism to have impact in the future it needs to shift its focus from the weapons of the 20th Century to those of the present day. Using their current tactics the Pakistan Taliban and their assorted fellow-travelers cannot fundamentally damage western society. That battle is over. However, the next era of conflict motivated by a radicalism from as yet unknown grievances, fueled by a globally networked generation Y, their cyber weapons of choice and the precise application of ultra-violence and information spin has dawned. Five days in Manhattan flashed a light on this new era.

Roderick Jones

“The principal characteristic of twenty-first-century international relations is turning out to be nonpolarity: a world dominated not by one or two or even several states but rather by dozens of actors possessing and exercising various kinds of power. This represents a tectonic shift from the past.”

“Today’s world differs in a fundamental way from one of classic multipolarity: there are many more power centers, and quite a few of these poles are not nation-states. Indeed, one of the cardinal features of the contemporary international system is that nation-states have lost their monopoly on power and in some domains their preeminence as well.”

-Richard Hass, Head of the Council on Foreign Relations and former head of Policy Planning at the U.S. Department of State, writing in 2008.

Google’s rise over the past ten years has coincided with and arguably assisted in the creation of extra-state entities, which can project enormous power globally. The equation can be simplistically stated: in an information economy, control of information equates to raw power. The Industrial Revolution fueled the British Empire, control of markets fueled the American Empire, control of information is fueling the Google empire. In the space of ten years, the Internet has gone from supporting pets.com to being the pre-eminent vehicle for projecting power. However, the continuation of the open Eco-system of information, innovation and development, which has provided the platform for this success is not assured (as has been highlighted by a variety of Internet scholars and strategic thinkers). Open systems are messy, and therefore, closed wall Internet systems may grow in popularity as consumers seek protection from some of the anarchy that reigns online. This scenario is not new. The United States is the original messy open political system and by managing to control this method of organizing society it became a super-power. China offers an alternative: a closed wall system to protect its citizens from the anarchy of open society. Google has been the champion of the open Internet. Just as American exceptionalism has driven the United States to intervene globally to uphold Jeffersonian values, Google intervenes in FCC auctions to ensure the open access to information. Of course the commercial imperative cannot be denied – the United States has financially benefited from promoting the market state, and Google financially benefits wherever there is an open (uncensored) Internet. It has been unclear whether Google would ever seek alliances with nation-states given its extra-territorial virtual nature, but that time appears to have arrived.

Google V China

A clear power realignment is emerging – it is messy and complex, and places some companies, individuals and organizations on a par with nation-states in terms of conducting foreign policy and projecting power. The two opposing factions developing from this realignment look to be those that prefer open standards politically with regard to information, against those who tend toward closed systems. The United States and Google are natural allies in this re-alignment, while China fits more easily with companies such as Comcast, AT&T and other proponents of walled-systems. The diplomatic mystery is Microsoft. While clearly a proponent of and beneficiary of closed systems in business, it has thrived in a open political system. Microsoft seems almost to lean towards China rather than the United States, but at the same time cannot be blind to the dangers of this approach and not realize its natural long-term limitations.   For now Microsoft is expertly balanced.  While Google Versus China is the first major tremor in this re-alignment, more will follow.

Google’s decision to re-examine its China policy and confront the Chinese government should illuminate the nature of the current Chinese system to any business observer: the total use of state power to pursue Chinese aims, including the persistent and ruthless use of all facets of the state intelligence machinery to gain an advantage over their business, political and military rivals. China has reportedly spent heavily on cyber-warfare and espionage capabilities. This investment is being well used. Western governments have long been aware of the nature of the Chinese threat, but it has taken the actions of Google to illuminate this same threat to western businesses with any kind of intellectual property to protect, which is surely all of them.

Samuel Huntington wrote about a post-Cold War “Clash of Civilizations.” What we are now seeing could be more accurately described as a “clash of systems”, which will define the real diplomatic, security, and political challenge of our age. If periodic terrorist plots are still the main security challenge for the United States President in twenty years, the world will be fortunate. It would also likely mean that the United States and its allies prevailed in its greater strategic fight.

Although the power of the United States is fading, its legacy as the sole super-power has left it with certain advantages which should be rapidly exploited by both its explicit traditional allies or its implicit emerging allies from extra-state groups. The United States continues to possess unrivalled military power, befitting its great power status. This shouldn’t be confused with the insurgency wars it has become embroiled in; great power warfare is a different platform. As a result of its recent history, the United States controls the world’s neutral spaces: air, sea and space. From these platforms its extra-state allies, such as Google, could aim their primary weapon – information – at the opposition. Access to a free and open Internet is the key unit of power projection in the coming battle. A fact clearly recognized by Secretary of State Clinton during her recent remarks on Internet Freedom.  Broadcasting free and open Internet service into China or Iran from these neutral spaces controlled by the US military is the correct response from the open-systems alliance. A company with reputedly the world’s best engineers and the country with the most advanced space program should be able to surmount the technical challenges involved. There are numerous precedents when free movement of information [data] have helped crash closed political and information systems: Radio Free Europe feeding news to Soviet dissidents during the Cold-War or more recently, P2P file-sharing networks upending the music industry. As well as broadcasting the free-Internet into hostile space, western Internet companies should help break-down the Great Firewall of China by supporting open-source efforts to hack it, circumvent it, re-wire it and otherwise make it as redundant as the Maginot Line. As the west continues to wring its hands about its opponents, it should look to its most powerful weapon, one which has served it well since the dawn of the enlightenment: information.

In order to realize this objective, the open-systems alliance needs to recognize it is already in a battle. Western governments, led by the US, has been under few illusions about the Chinese government’s military and intelligence apparatus, and the danger it presents for at least ten years. Google is now clearly aware of the persistent danger it faces from Chinese state power, but this message needs to be understood more widely. This is not a benign situation. Furthermore, in a multi-polar world, extra-state power centers such as Google need to embrace their changed ‘great power’ status and organize accordingly. They must develop political and diplomatic alliances, but more crucially understand that if you seek to control, store, analyze, create, or network information you should not be surprised to find yourself in the cross-hairs of the traditional practitioners of this craft: spies and their masters. ]]> http://interrain.net/open-versus-closed-systems/feed/ 0 http://interrain.net/information-war-this-time-its-personal/ http://interrain.net/information-war-this-time-its-personal/#comments Sat, 10 Oct 2009 00:09:46 +0000 Interrain http://interrain.net/?p=120 The ongoing phishing attacks aimed at popular webmail applications are (amongst other things) a massive individualized reputation attack against the holders of those accounts. Friends, customers and contacts all read in bemusement as they receive emails requesting funds from previously trusted cohorts via the email addresses they have used to communicate with them for many years  [in the case of hotmail for potentially thirteen years].  An email address is a personal brand and therefore when it is compromised the consequences can be highly damaging.

Destroying or attacking brands isn’t a new idea, however it is acquiring more potency with the ubiquitous use of social media and the ability to seed negative themes about brands now massively distributed — rather than concentrated in the hands of a top down media system. The company Interbrand produces an annual list of the most valuable brands and goes so far as to ascribe a dollar figure to the brand itself.  Examining the methodology for ascribing a dollar figure to the brand also illustrates how the brands are more vulnerable than ever before to being disrupted at critical points in their value chain particularly where the brand connects with the customer or potential customer.  Disconnecting customers from the brand can clearly be achieved by a targeted use of disinformation emanating from the lower reaches of the world’s wired social networks.  Most companies have experienced some version of this, one of the most long-standing examples is the disinformation campaign mounted against Starbucks, which in its various iterations claims the company refused to ‘give free coffee to western troops fighting in [insert name of war]’.  Starbucks have used the web to deny this but still the message continues to be re-worked and re-used.  It has become clear that the only way to fight an online crowd is with another online crowd but those cannot be simply manufactured but building up online supporters is as important as building loyal customers.

Much of this isn’t news but the ability to apply these principles at an individual level within any given society is becoming more pronounced.  Attacking an individual’s reputation by either hijacking their online identity or surrounding their virtual identity with damaging information is currently a relatively easy proposition.  Anyone savvy enough to know how a search engine is powered, how to manipulate social networks and how to sign-up for the myriad of free online networks and services can launch devastating reputation attacks against individuals by hijacking or smearing their personal brand.  Very little technical knowledge is required to be effective.  This is likely to become a significant trend in the near-term as digital natives play out rivalries in virtual spaces leaving employers, credit agencies and any other outside assessor bemused by how to assess the human sitting in front of them.

So what are the potential solutions to this problem?  There certainly appears to be room for services, which monitor protect and defend virtual brands – this has been happening at a company level but has not migrated down to an individual level [spinhunters appeared to be operating in this space – the blog post on reputation nightmares for CEOs is particularly instructive]. But this is all first generation attack and response planning — second generation activity in this space is potentially much more devastating.  The professionalization of hacking combined with the collection of data scraped from a variety of digital sources means that sophisticated disinformation campaigns can be aimed at any of the brands listed by Interbrand and no doubt could put a significant dent in the dollar figure ascribed to them.   A well designed and well-targeted information attack would also hamper the brands ability to respond by disrupting internal systems and surrounding key executives with a kind of micro-information war.

What is the response to this?  Can you build an early warning system?  Are there Information Warfare Minutemen?  The answers are hard to discern but finding them will form a critical part of defending individual and corporate brands.  Programs can certainly be put in place now to understand the information patterns swirling around individuals or organizations – getting and understanding a baseline of the information terrain you are currently operating within should now be a key security metric.

Given the plethora of software modern jets rely on it seems reasonable to assume that these systems could be compromised by code designed to trigger catastrophic systemic events within the aircraft’s navigation or other critical electronic systems. Just as aircraft have a physical presence they increasingly have a virtual footprint and this changes their vulnerability. A systemic software corruption may account for the mysterious absence of a Mayday call – the communications system may have been offline. Designing airport and aviation security to keep lethal code off civilian aircraft would in the short-term, be beyond any government civil security regime. A malicious code attack of this kind against any civilian airliner would, therefore be catastrophic not only for the airline industry but also for the wider global economy until security caught up with this new threat. The technical ability to conduct an attack of this kind remains highly specialized (for now) but the knowledge to conduct attacks in this mold would be as deadly as WMD and easier to spread through our networked world. Electronic systems on aircraft are designed for safety not security, they therefore do not account for malicious internal actions.

While this may seem the stuff of fiction in January 2008 this broad topic was discussed due to the planned arrival of the Boeing 787, which is designed to be more ‘wired’ –offering greater passenger connectivity. Air Safety regulations have not been designed to accommodate the idea of an attack against on-board electronic systems and the FAA proposed special conditions , which were subsequently commented upon by the Air Line Pilots Association and Airbus. There is some interesting back and forth in the proposed special conditions, which are after all only to apply to the Boeing 787. In one section, Airbus rightly pointed out that making it a safety condition that the internal design of civilian aircraft should ‘prevent all inadvertent or malicious changes to [the electronic system]‘ would be impossible during the life cycle of the aircraft because ’security threats evolve very rapidly’. Boeing responded to these reports in an AP article stating that there were sufficient safeguards to shut out the Internet from internal aircraft systems a conclusion the FAA broadly agreed with – Wired Magazine covered much of the ground. During the press surrounding this the security writer Bruce Schneier commented that, “The odds of this being perfect are zero. It’s possible Boeing can make their connection to the Internet secure. If they do, it will be the first time in the history of mankind anyone’s done that.” Of course securing the airborne aircraft isn’t the only concern when maintenance and diagnostic systems constantly refresh while the aircraft is on the ground. Malicious action could infect any part of this process. While a combination of factors probably led to the tragic loss of flight AF447 the current uncertainty serves to highlight a potential game-changing aviation security scenario that no airline or government is equipped to face.