Cyber Wars - update and refresher

Fri 08 Jun 2018

By Brian Dennehy

Access Level | public

Market commentary

Print

technology

Back in our April teleconference there was a focus on cyber war, and how cyber risks can hit your portfolio in a number of ways.  Problems with Visa and TSB in recent weeks serve to highlight that vulnerability.  This is both an update, and a refresher.

(still available here for Gold Members)

Just before our teleconference in April the Sunday Times headline proclaimed:

“Serious cyber attack is a matter of when, not if”
(Ciaran Martin, CEO of National Cyber Security Centre)

It isn’t just about cyber attacks, but also large scale cyber, or systems, failures.  It is not always easy to know the difference, as I will explain.

The TSB systems melted down a few weeks ago, and apparently some people are still enduring limited access to their money – an “upgrade problem” we were told.  Last week the European-wide Visa payments system broke down – a “hardware issue” we are told.  The Aegon/Cofunds fund platform, with many more individual clients than Hargreaves Lansdown apparently, has also encountered severe problems in recent weeks with many investors unable to even see their holdings, let alone trade – again an “upgrade problem”.  There were other examples in the last month or so, but that’s enough for now.

At a basic level all these incidents highlight the vulnerability of each of us, as we increasingly rely on the internet to run our lives.

But these incidents inevitably also made me reflect on the events in Iran at the turn of the decade, as referred to in the teleconference, and dealt with in vivid detail in the documentary film “Zero Days”.

The Stuxnet virus as discovered in Iran in 2010 was not built to steal money or secrets – it was designed to wreak havoc, in this case the target being Iran’s very sophisticated nuclear programme.

Though uncovered in 2010, it had been operative since 2007.  For whomever planted the virus the key was that “the enemy” wasn’t aware there was a virus.  The Iranians presumed they were encountering a conventional problem, indeed the virus was designed to kid them in just this way.  Iran began to doubt their own capability, and scientists and engineers were sacked for presumed incompetence.

When non-Iranian cyber experts began to look at the now uncovered virus in 2010 one said “it went beyond our worst nightmares”.  Another said that normally they will get to the bottom of a virus and its threat in minutes.  On this occasion they were barely beginning to understand it after a month, and the quality was extremely rare.

Stuxnet is called the world’s first digital weapon - it wasn’t designed to be inconvenient, it was designed to destroy.  It was designed by a country (or countries) to cause very serious damage to another.

Coming back to today, what prompted the above quote in the Sunday Times was the developing conflict in April between Russia and the West over the Salisbury poisonings.  The US sanctions attacked the heart of the Russian financial system, particularly friends of Putin.  This inevitably raises concerns around retaliatory cyber-attacks by the Russians. 

How could Russia most easily retaliate against the financial systems in the West?

A focussed cyber attack disabling banks and/or markets.  More drastically, they could attack power grids.  Far fetched?  No.

Again in April, the US and UK issued a joint warning that Russia was deliberately targeting Western infrastructure.  The FT said:

“Moscow is attempting to compromise electricity grids and… banks”

The National Cyber Security Centre (part of GCHQ) said

“it is a matter of when, not if, the UK faces a serious cyber attack."

The problem is that there are no rules on cyber attacks, no Geneva Convention.  How far can a country go?  When is it war?  One adviser to the US government said it appears you simply do:

“...what you think you can get away with.”

What should you expect?  Probably a so-called Denial of Service (DoS) attack, which might last a few hours or days.  If only for a few days we could probably all cope with the shorter term inconvenience. But the damage to energy plants or banking systems or stock market could take weeks to fix even once the internet is back and working.

The hit to the confidence of investors is the big problem. 

If you were targeting a country's financial infrastructure you would choose to launch your cyber attack at the point of greatest weakness – a growing number of analysts believe that the time of greatest weakness for Western financial markets is right now.

We know that there is a list of very fundamental vulnerabilities.  The markets resemble my oft-mentioned avalanche-prone snowy slope, just waiting for the final snowflake to trigger a complete collapse, the features of which are:

  • Massive US stock market over-valuation, which is only justified by low interest rates.  And interest rates are now heading up.
  • Bond bubble only justified by government buying.  But interest rates are heading up and bond buying is ceasing.
  • Markets dominated by robots, so investment horizons are measured in days, hours and seconds.  Programmed selling will be machine vs machine.

How should you respond?  It probably feels to you right now that this problem has disappeared because it no longer dominates the headlines.  It hasn’t.  The current relative calm gives you an ideal opportunity to plan ahead.

In our report “Opportunity Knocks Or Apocalypse Postponed” (for Gold Members) we set out how you might prepare for these possibilities, in particular with a check-list so you know, for example, how well prepared is your choice of trading platform and/or advisers.

Don’t wait for cyber wars to hit the headlines before you act.  It might be too late.

FURTHER READING

Categories:

Market commentary

Print

Share this post: