Scenarios for a Cyber Collateral Attack

Finadium
March 2019

Finadium reports are distributed primarily by subscription. If you are a research subscriber, please log in to download a copy of this report. Otherwise, please contact us at info@finadium.com.

Financial services market participants have engaged in substantial work at individual firms, industry associations and regulatory agents to protect against a general cybersecurity attack. These efforts have led to important lessons in communication, coordination and the requirement to restart operations within two hours to ensure public confidence. A cyberattack is likely inevitable, but industry participants are prepared to respond.

The contribution of this report is to focus specifically on how an attack could occur in collateral markets that could destabilize a range of bilateral industries, including OTC derivatives, repo and securities lending. A successful attack would begin with one institution, but systemic- wide doubt in collateral regimes could create a crisis-like situation if not promptly resolved.

We provide critical thinking about points in the system where a malicious actor could cause damage and what can be done in the event of a serious incursion, following on the model of SIFMA’s Quantum Dawn exercises. We offer several scenarios that could impact the market.

This report is useful reading for technology professionals in the collateral space, cybersecurity professionals in financial services and regulators concerned about the security of the financial industry.

Table of Contents

• Executive Summary
• The Rumbles of Concern
• An Infrastructure Attack
  • – BNY Mellon and DTCC
  • – Trust in the Network
• A Trading Attack
• Preparing for the Expected
• About the Author
• About Finadium LLC