Cybersecurity came into sharp focus last week with an unprecedented ransomware attack affecting more than 150 countries. Characterized as “the biggest ransomware attack ever” by Europol spokesman Jan Op Gen Oorth, it has yet to run its course and has affected operations across a wide range of industries.
Before this attack, the Hong Kong Securities and Futures Commission wisely proposed several new rules to strengthen cybersecurity controls for stock trading, in response to a series of account hacks responsible for unauthorized trades in excess of $110MM.
With MiFID II work ongoing (and deadlines looming), few firms are adequately addressing the security needs of modern trading. Flyer takes these concerns and makes them simple. Here are two specific and current cybersecurity issues affecting finance, and some advice on handling them.
The most recent (and newsworthy) ransomware attack is frightening for its reach, from corporations to individuals, in over 100 countries. Preventing damage from such an attack is a matter of good operating procedures and good business continuity plans. This kind of attack either targets an out-of-date PC operating system or convinces an unsuspecting user to install a suspicious file. The ransomware then encrypts all of the user’s accessible files and demands a ransom (usually paid in Bitcoin) for the decryption key.
In practice, these attacks are easily avoided. Prevention involves keeping PC operating systems up to date and ensuring that users are trained to not open or run suspicious files. Mitigation – responding to a successful attack – is as simple as having good incremental backups and writing off the encrypted data just as one would with a failed hard drive.
Ransomware usually attacks PCs, but in the right circumstances it can access and encrypt data residing on servers, data warehouses, and even production systems. In these cases, having high availability and disaster recovery capabilities is crucial to remaining up and operating. Files encrypted by this kind of attack are lost, and any affected device should be removed and failed over just as with any hardware failure.
Flyer takes pride in running a secure trading network (https://www.fixflyer.com/connectivity/fix-network/), and we are happy to give more specific advice or guidance to our customers. Just reach out to your support representative today!
The vast majority of all FIX traffic today is unencrypted. It’s usually sent in the clear across leased lines or extranets. Very few firms encrypt their FIX traffic despite the wealth of information it contains. This may be standard practice for finance, but it’s out of step with the broader security landscape of today.
Starting this year, Bloomberg is requiring all FIX connections to them to be encrypted via TLS with Bloomberg-issued certificates (https://www.fixflyer.com/blog/ready-bloombergs-fix-changes/). This is one of the first significant pushes toward certificate-based security for financial networks, and it’s just the beginning. Flyer predicts that, within five years, 80% of all FIX traffic will be similarly encrypted.
This isn’t just a matter of encryption: it’s a matter of trust. By using TLS with a unique certificate per session, Bloomberg can guarantee not only that the right IP address is on the other side, but that the right customer is. Cryptography is about two things: encryption and verification.
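What "the right customer" means for a FIX acceptor, as an added example (not Flyer's or Bloomberg's code): require a client certificate in the TLS handshake, then accept a Logon only if the verified certificate is provisioned for the SenderCompID (tag 49) it claims. The certificate-to-CompID table, the host and firm names, and the sample messages are assumptions constructed for illustration.

```python
import ssl

SOH = "\x01"  # FIX field delimiter

def acceptor_context(ca_file=None):
    """TLS context for a FIX acceptor that refuses clients without a certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED  # handshake fails if no valid client cert
    if ca_file:  # CA that issued the counterparty certificates (path is an assumption)
        ctx.load_verify_locations(cafile=ca_file)
    return ctx  # a live acceptor also calls ctx.load_cert_chain() for its own cert

def parse_fix(raw):
    """Split a raw FIX message into {tag: value}; the first occurrence of a tag wins."""
    fields = {}
    for part in raw.strip(SOH).split(SOH):
        tag, sep, value = part.partition("=")
        if not sep or not tag.isdigit():
            raise ValueError(f"malformed FIX field: {part!r}")
        fields.setdefault(int(tag), value)
    return fields

def cert_common_name(peercert):
    """Return the subject CN from the dict produced by SSLSocket.getpeercert()."""
    for rdn in peercert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def logon_allowed(peercert, raw_logon, cn_to_compid):
    """Accept a Logon (35=A) only if the verified cert is provisioned for its tag 49."""
    msg = parse_fix(raw_logon)
    if msg.get(35) != "A":
        return False
    expected = cn_to_compid.get(cert_common_name(peercert))
    return expected is not None and expected == msg.get(49)

# Constructed sample data; BodyLength (9) and CheckSum (10) are placeholders, not validated.
SESSIONS = {"clienta.fix.example": "CLIENTA"}  # hypothetical provisioning table
CERT_A = {"subject": ((("organizationName", "Client A Ltd"),),
                      (("commonName", "clienta.fix.example"),))}
LOGON_A = SOH.join(["8=FIX.4.4", "9=0", "35=A", "49=CLIENTA", "56=BROKER",
                    "34=1", "98=0", "108=30", "10=000"]) + SOH
LOGON_MISMATCH = LOGON_A.replace("49=CLIENTA", "49=CLIENTB")

if __name__ == "__main__":
    print(logon_allowed(CERT_A, LOGON_A, SESSIONS))         # matching identity
    print(logon_allowed(CERT_A, LOGON_MISMATCH, SESSIONS))  # cert does not cover CLIENTB
```

The check belongs after the handshake completes and before the Logon is acknowledged, so a session whose CompID does not match its certificate is dropped before any order flow.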
Since Bloomberg’s announcement, Flyer has seen a significant rise in inquiries about how to enable TLS in our software, and every indication is that TLS for FIX will only spread further. Watch for other major FIX endpoints to also move toward requiring this level of security in the coming months.
Fortunately for Flyer’s clients, enabling TLS and encrypting FIX traffic requires no other software; rather, it’s a configuration change and a retest within their existing Flyer environment. Unfortunately, other vendors may not be able to implement encryption without significant software deployments or upgrades.
Your Next Steps
A big part of modern cybersecurity is understanding not only what threats your firm will face, but what options you have to mitigate them. The Flyer Trading Network (https://www.fixflyer.com/connectivity/fix-network/) is a fully encrypted FIX network, our Managed FIX (https://www.fixflyer.com/connectivity/managed-fix/) offerings can help you outsource your FIX connectivity entirely, and our FIX software (https://www.fixflyer.com/fix-software/) natively supports modern encryption.
With over 120 clients worldwide, FIX Flyer develops advanced technology for managing complex, multi-asset securities trading using highly scalable software and network technologies. Clients include UBS, TD Ameritrade, Envestnet, GBM, Barclays, Berenberg Bank, Bank of America Merrill Lynch, Goldman Sachs, and JP Morgan as well as major exchanges like ASX and MexDer. FIX Flyer is headquartered in New York City with offices in Boston and Hyderabad, India. For further information, please contact [email protected] or visit us at http://www.fixflyer.com