WASHINGTON – It’s happening with increasing regularity – a giant sunspot at least six times the diameter of Earth, formed in less than a few hours, is spewing solar flares up to six or seven times the size of Earth.
The flares are becoming more frequent due to the sun approaching what scientists call a solar storm maximum in its 11-year cycle, and the sunspot of immediate concern now is more in alignment with Earth.
The activity has raised new concerns over what effect a direct impact one of these flares, which produce a massive electromagnetic pulse, would have on America’s electric grid system and technology-based society, much of which remains unprotected from any direct EMP event.
The threat is no esoteric scientific theory. It could make bank accounts no more than a file on a hard drive in a bank office, unreachable by customers, experts warn.
What would happen if a massive solar flare should hit Earth and crush the information technology and networks on which the nation’s financial system depends?
It is clear that under an EMP attack, there would be widespread damage to the generation, transmission and distribution infrastructures, including control systems and equipment of the nation’s grid system.
The damage and destruction also would extend to information technology and its networks, and the financial services industry which depends on those systems.
Banking actually is a network of organizations and systems that process money transactions from deposits, funds transfers, savings and loans to other financial services.
Virtually all economic activity in the U.S. and other developed countries depends on a functioning financial services industry. In effect, the financial services industry is not only the medium but the record keeper for financial transactions and is the place where people, companies and, indeed, countries keep their money and other financial instruments.
In effect, it is the core of information technology and networks, without which financial services cannot operate. Its automation has spurred the growth of wealth, greatly increasing the amount of business transacted on a daily basis.
In the early 1970s, the New York Stock Exchange would close on Wednesdays to clear backlogs from an average day of trading, amounting to some 11 million shares.
Today, it’s a different story. The Securities Industry Automation Corporation, or SIAC, has no interruptions in routine operations and handles some 3 billion shares daily.
The SIAC’s Secure Financial Transaction Infrastructure is linked to the securities industry by more than a thousand communications lines to provide data communications connectivity to permit companies to undertake their various financial transactions.
And this isn’t limited just to major corporations. It also includes the individual consumer who wants on-demand money-dispensing from automated teller machines, or ATMs.
“The trend in the U.S. financial infrastructure is toward ever more sophisticated and powerful electronic systems capable of an ever increasing volume and velocity of business,” the 2008 EMP commission set up by Congress said. “The increasing dependence of the United States on an electronic economy, so beneficial to the management and creation of wealth, also increases U.S. vulnerability to an electromagnetic pulse attack.”
The terrorist attack on Sept. 11, 2001, on New York City and Washington, D.C., alone showed the serious vulnerabilities arising from the interdependencies of the nation’s critical infrastructures. The attacks disrupted all critical infrastructures in New York City, including key financial markets, transportation, telecommunications and electric power.
Since December 2002, the Federal Reserve Board has in place a procedure for national security and emergency preparedness of the telecommunications programs that are administered by the National Communications System.
The FRB also has expanded the scope of services that would seriously affect continued financial operations if there is a telecommunications disruption from a few minutes to one day. The various functions – and there are a number of them – require same-day recovery.
“Modern financial services utilities have transformed the national economy from a paper system into an electronic system,” the EMP commission said. “Examples of some key industry utilities include FEDNET, Fedwire, ACH, Clearing House Interbank Payments System (CHIPS), the Society for Worldwide Interbank Financial Telecommunications (SWIFT), the National Association of Securities Dealers’ Automated Quotation System (NASDAQ), the NYSE (New York Stock Exchange), the New York Mercantile Exchange (NYMEX) and the Depository Trust and Clearing Corporation (DTCC).”
The FEDNET is the communications system that connects all 123 Federal Reserve Banks nationwide and the financial services industry generally.
It transfers funds in real time among the banks and other depository institutions, performs real-time sales and record keeping for the transfer of government securities and serves as ACH.
Fedwire is the primary national network to transfer funds between banks, while ACH electronically clears checks, direct deposits of payrolls, pensions, benefits, dividends and direct bill payments.
On an annual basis, the Federal Reserve processes more than 37 billion ACH payments amounting to more than $40 trillion.
CHIPS is an electronic system for interbank transfer and settlement and acts as a clearing house for foreign exchange. The SWIFT provides secure international message payments for stock exchanges, banks, brokers and other institutions.
These messages are instructions between banks and other institutions regarding payments and transfers, but not payments themselves. SWIFT carries more than 8 million messages daily.
The NASDAQ and the NYSE are electronic communications networks that meet the needs of the largest securities markets. They consolidate quotes of multiple dealers in real-time and allow for electronic trading. They each transact some $4 trillion a year in trades.
The NYMEX trades on futures contracts for gasoline, heating oil, crude oil, natural gas and other commodities. It conducts crude oil transactions involving the total daily production of the entire world.
The DTCC settles securities trades for participant banks and is the largest securities depository in the world. It keeps records on securities and conducts transactions electronically. On an annual basis, participants electronically deliver securities valued at some $5 trillion to DTCC.
They all depend on communications lines and electricity for power. Without question, all of this shows that the banking and financial system is virtually 100-percent dependent on the nation’s electronic system.
Virtually all records of financial transactions are stored electronically. The financial infrastructure is a network of electronic machinery ranging from telephones, mainframe computers, ATMs to vast data storage systems.
Similarly, there are third-party processors which are technology companies that provide electronic processing services to financial institutions. The third-party processors work with the banks and other financial institutions to cut overhead by contracting with the processors to undertake the mechanics of the electronic transactions.
Because of the high dependency on electronic systems, experts agree that the financial infrastructure on which the nation has an increasing dependence for its electronic economy is potentially vulnerable to an electromagnetic pulse attack.
It also is vulnerable to an EMP indirectly through other critical infrastructures, such as the electric power grid and telecommunications.
“Technology-related outsourcing is especially appealing because of dynamic changes in technology,” the EMP commission said. The high cost and complexity of new technologies has driven many banks into partnerships with third-party specialists in the field of electronic finance.
Services typically offered by third-party processors include data center management, network management, applications development, check and statement processing, mutual fund account process and electronic funds transfer.
Financial services industry experts have stated that the system is capable of withstanding a wide range of threats, referring to the system as “highly robust.” Even a presidential National Security Telecommunications Advisory Committee, or NSTAC, task force in 1997 expressed confidence in the ability of the financial services industry to withstand attacks.
It has referred to “numerous natural and man-made disasters (that) have forced financial institutions to test and refine their disaster recovery capabilities.”
As the EMP commission points out, there have been a number of such natural and man-made disasters to test the protective capabilities.
In 1988, for example, a fire in the Ameritech central office in Illinois disabled long-distance telecommunications for the Chicago Board of Trade and other major institutions. In August 1990, Wall Street was blacked out for almost a week due to an electrical fire in a Consolidated Edison office.
In April 1992, there was underground flooding in Chicago that affected telecommunications and powers that led to serious outages for a period of time.
The NSTAC referred to the February 1993 World Trade Center terrorist attack.
The World Trade Center bombing on February 26, 1993, struck at the industry’s heart, affecting the New York Mercantile Exchange and many securities dealers and otherwise disrupting activities throughout Wall Street. Numerous problems with facilities, systems, procedures, and staffs were encountered as firms scurried to recover, and some securities firms’ operations were shut down temporarily. However, none of the most critical services were affected, and the effect on the economy as a whole was minimal.
Then there was the 2001 terrorist attack on the World Trade Center that brought down the two towers. However, the NSTAC said this episode, combined with the previous attack, helped them to reinforce the financial services infrastructure even more.
The NSTAC’s claims were even backed by a 2002 report by the National Academy of Sciences, or NAS, in “Making the Nation Safer: The role of Science and Technology in Countering Terrorism.”
The NAS claimed that the financial infrastructure is “highly secure” because of the redundancy of electronic systems.
“While no law of physics prevents the simultaneous destruction of all data backups and backup facilities in all locations, such an attack would be highly complex and difficult to execute, and is thus implausible.”
Indeed, the NSTAC concluded that “physical attacks remain the larger risk for the (financial services) industry.”
However, the EMP commission experts thought otherwise.
EMP not taken into account
While the NSTAC and NAS studies centered on threats to the financial services industry from cyber terrorists using computer-based attacks and even efforts to physically blow up facilities, they didn’t take into account the effects from an electromagnetic pulse attack.
An EMP attack would pose the very kind of simultaneous and widespread threat postulated by the NAS that would be fatal to the financial infrastructure but judged by them to be too difficult to execute and implausible for cyberterrorists. EMP effects propagate at the speed of light and would cover a broad geographic area. Such an attack potentially could achieve the NAS criteria for financial infrastructure catastrophe: ‘simultaneous destruction of all data backups and backup facilities in all locations.’ An EMP would probably not erase data stored on magnetic tape. However, by shutting down power grids and damaging or disrupting data retrieval systems, EMP could deny access to essential records stored on tapes and compact discs (CD).
Experts agree that the vast majority of electronic systems supporting the financial infrastructure have never been tested. Since they haven’t been tested on a system-wide basis, the system never has been hardened against the effects of an electromagnetic pulse event.
“Yet the enormous volume, speed and accuracy required of the electronic infrastructure supporting the financial services industry allow little or no room for error,” the EMP commission said. “Financial operations could not tolerate the kind of disruptions or mass systemic destruction likely to follow an EMP attack.”
As an illustration of what the widespread impact of an EMP event on the financial services industry would be, the EMP commission looked at a one-day snapshot of just CHIPS interbank transaction,s which it said involves some $1.4 trillion of business a day, or some $182 billion every hour.
“CHIPS and Fedwire routinely receive five to 10 funds transfer messages each second during peak traffic period,” the commission said. “The Options Clearing Corporation manages $1.05 billion in average daily premium settlements. On Christmas Eve 2004, a single credit card association processed over 5,000 transactions per second. Financial institutions also must store tremendous amounts of data.
“Terabyte portfolios containing one trillion bytes are now common, and some databases exceed a petabyte, or 1,000 trillion bytes. Changes in these huge databases must be recorded at the end of every business day.”
In its examination of the effects of the 2001 terrorist attack on the United States, the Federal Reserve Board pointed out that even that event had a temporary but serious impact on the very telecommunications infrastructure on which the financial services industry depends.
It showed the concentration of key facilities as a serious weakness. It prompted the equity markets to close for four days following the attack because of a lack of communications. The New York Stock Exchange could not reopen because key central offices were destroyed or damaged, leaving them unable to support major operations for a few days.
Given this experience, an official at the Federal Reserve Board, or FSB, said that the Fedwire, CHIPS and SWIFT would have to cease operations if there was a major disruption in communications, including ACH, ATMs, and credit and debit card transactions.
Disruption of these systems would force consumers to revert to a cash economy, according to Steve Malphrus, staff director for management of the Federal Reserve Board.
“These observations suggest that, if an EMP attack were to disrupt the financial industry for days, weeks or months rather than hours, the economic impact would be catastrophic,” the EMP commission said, adding that the magnitude of an EMP event could be enormous on the nation’s financial services industry.
Despite the robustness of U.S. financial infrastructures against a wide range of threats, they were not designed to withstand an EMP attack. Indeed, the highly sophisticated electronic technologies that make the modern U.S. financial infrastructure possible are the components most vulnerable to EMP.
An EMP attack that disrupts the financial services industry would, in effect, stop the operation of the U.S. economy. Business transactions that create wealth and jobs could not be performed. Loans for corporate capitalization and for private purposes, such as buying homes and automobiles could not be made. Wealth, recorded electronically in bank databases, could become inaccessible overnight. Credit, debit, and ATM cards would be useless. Even reversion to a cash economy might be difficult in the absence of electronic records that are the basis of cash withdrawals from banks. Most people keep their wealth in banks and have little cash on hand at home. The alternative to a disrupted electronic economy may not be reversion to a 19th century cash economy, but reversion to an earlier economy based on barter.
In the immediate aftermath of an EMP attack, banks would find it very difficult to operate and provide the public with the liquidity they require to survive; that is, to buy food, water, gas, or other essential supplies and services. Modern banking depends almost entirely on electronic data storage and retrieval systems for record keeping and to perform account transactions. An EMP attack that damages the power grid or electronic data retrieval systems would render banking transactions virtually impossible as a practical or legal matter.
Operating a banking system using paper and handwritten transactions would be difficult without access to the information contained in electronic records. If a makeshift paper banking system could be organized on an emergency basis, such a system would be fraught with the risk of fraud, theft, and costly mistakes.
To protect from legal liability, the banking and financial system would not be able to revert back to paper transactions. Their own insurance coverage to protect them from legal liability assumes that a modern electronic banking system is reliable, redundant and works consistently.
An electromagnetic pulse event, especially from an E1 attack from a nuclear detonation, would have a profound impact on the financial and banking system. In a 2003 report titled “Paper on Sound Practices to Strengthen the Resilience of the US. Financial System,” the U.S. Security Exchange Commission gave a hint of what such a widespread disruption would entail – just for a day – and called on the industry to be prepared to resume operations within two hours.
In light of the large volume and value of transactions/payments that are cleared and settled on a daily basis, failure to complete the clearing and settlement of pending transactions within the business day could create systemic liquidity dislocations, as well as exacerbate credit and market risk for critical markets. Therefore, core clearing and settlement organizations should develop the capacity to recover and resume clearing and settlement activities within the business day on which the disruption occurs with the overall goal of achieving recovery and resumption within two hours after an event.
Based on the accumulated evidence from experts on the ability of the financial services industry, which includes all of the nation’s banking and financial activities, to protect itself, such a recovery initiative is a pipe dream, analysts said.
The experts, ranging from the EMP commission, the National Academy of
Sciences and even those within the industry, agree that the damage from an electromagnetic pulse attack would be “catastrophic and irreversible.”
Considering that there is no rush by the industry to ensure against such a “catastrophic and irreversible” event, it almost goes without saying to keep plenty of cash at home.