SDL ‘CyberSMART’ in face of new digital threats
By Kim Burgess
The Herald Journal
August 21, 2008
Imagine foreign officials hacking into Wall Street computer systems and bringing the stock market to a standstill.
National security experts say that scenario is becoming more likely as nations and large terrorist groups realize the potential of cyber attacks.
And with computers storing everything from hospital records to financial transactions, a hit could be devastating.
“The emerging field of largescale cyber conflict is somewhat analogous to the early days of the Cold War,” said Jim Marshall, program manager for cyber security at Utah State University’s Space Dynamics Lab. “We have a new set of difficult technical challenges, and the country needs to build a foundation of knowledge and policy to deal with them.”
SDL is helping to gather that knowledge as a member of the Cyber Conflict Research Consortium, which also includes Norwich University, Miami University of Ohio, the University of Nevada, Reno, and the Potomac Institute of Policy Studies.
The year–old group investigates ways to respond to major attacks on critical infrastructure like water treatment systems and the electrical grid.
In June, the Senate Appropriations Committee approved $3 million to fund CCRC’s latest project, known as Web*DECIDE. The full Senate and House must still vote on the allocation, which is part of the 2009 Department of Homeland Security Appropriations Bill.
With their green light, CCRC will be able to continue the research, which involves simulating the flow of transactions in financial equities markets. The simulations should reveal ways to deal with a disruption in one of those markets.
Marshall explained that Web*DECIDE will allow financial institutions to “drill through what their responses (to a market disruption) will be, like when the military does war games.”
A follow-up project would develop simulations for fixed income securities, like bonds, and some key banking transactions.
“Our financial markets are vital to the smooth functioning of our economy and are highly dependent on high-volume computerized transaction flows,” Marshall said. “Financial institutions are independent entities, but they have to work together to process all of the brokerage, clearing and settlement transactions that have to occur whenever you buy 100 shares of IBM stock, for example.”
In 2006, SDL began developing another “preparedness” tool called CyberSMART. The software creates cyber attack scenarios that can be used by a variety of industries.
SDL, Norwich University and Dartmouth College won a competitive contract from the Department of Homeland Security to collaborate on CyberSMART.
The project cost approximately $2 million and will be completed later this fall.
© 2008 The Herald Journal