Big banks stage mega-cyberattack drill

cyber security espionage

Beginning at about 9 a.m. ET Thursday, the country's largest financial institutions will endure a large-scale coordinated cyberattack, the likes of which we've never seen.

Good thing it's just a drill.

About 50 institutions -- including banks like JPMorgan Chase (JPM) and Bank of America (BAC) -- will participate in the exercise, called "Quantum Dawn 2." Several government agencies, including the U.S. Treasury, will observe the drill.

The idea is to simulate what would happen if hackers penetrated certain systems in financial companies and agencies. If breached, infections could, in theory impact the entire gamut of the sector from exchanges to brokerages to insurance companies.

The Securities Industry and Financial Markets Association (SIFMA), a trade group, will orchestrate the exercise. The simulated attack will run from 9 a.m. to about 3 p.m. today, crunching about two and a half days worth of faux attacks those hours. No real systems or accounts will be impacted during the simulation.

Related story: Easy ways to keep your online accounts safe

To take part in the drills, each of the participating institutions will be running software developed by Cyber Strategies, a Northfield, Vt., firm that specializes in making cyber exercise software for financial institutions.

Karl Schimmeck, SIFMA's vice president of financial services operations, declined to share specifics of what exactly the simulated threats would look like, but similar drills in the past have looked like a giant, computerized version of roleplaying game Dungeons and Dragons.

Mandiant: Cyber espionage is the new normal
Mandiant: Cyber espionage is the new normal

An employee sitting at his desk might get a prompt saying, "this bank is having integrity issues with money," or "you cant make trades over this technical system." The employee then might role-play talking to an FBI agent -- likely an actual one enlisted to help with the drill, said Dave Aitel, CEO of the security firm Immunity, who formerly worked as a research scientist for the National Security Agency.

Institutions will have the opportunity to practice sharing information with one another during the drill to help navigate through the threats, Schimmeck said.

Related story: cyberattacks are the bank robberies of the future

The financial sector is hoping to prepare itself for a massive, disruptive attack -- a growing concern lately, as "hacktivists," organized cybercriminals and government-spnosored attacks become increasingly large and successful. Though still a far-off doomsday scenario, some security industry experts say the financial sector is vulnerable to cyber-terrorists aiming to damage the U.S. economy.

In a digitized world, every sector needs to worry about cyber breaches, but the financial sector is in a "uniquely bad position," said Aitel. That's because banks and other financial institutions have to do deal with money flows in real time, with markets hanging in the balance.

"Our industry has been the target of many attacks over the past year, and it's important that we stay one step ahead," said Schimmeck.

SIFMA said that Thursday's drills attracted twice the number of financial institutions that participated in first Quantum Dawn exercise, held in 2011.

Though some skeptical security experts dismissed Quantum Dawn as a PR stunt, SIFMA said the first run was useful in uncovering flaws in the industry's cyberattack protocols. The trade group found that banks were largely good at sharing information with one another, but bad at making real-time critical decisions for mitigating the threats.

This time around, banks are hoping to improve their performance and discover new vulnerabilities.

"The banks won't answer all of their questions," said Aitel. "But they will learn more about what kinds of questions they need to ask."

CNNMoney Sponsors