07:36 AM
Connect Directly

Organizing The Response

Since the September 11 attacks, the New York Clearing House has taken a lead role in organizing the industry response to terror.

Since the September 11 attacks, the New York Clearing House has taken a lead role in organizing the industry response to terror.

Starting that morning through September 13, NYCH initiated hourly conference calls with its members to ensure that the payments systems were operating and to address ongoing issues. "Self-interest was put aside immediately and the interest of the industry was paramount in everybody's minds," said Jeffrey Neubert, president and CEO of NYCH.

One month later, a group of over 80 top executives of financial institutions, associations, and other private sector organizations met with high-ranking public sector officials to form the Intercept Forum, whose purpose was to determine ways to identify and intercept the flow of terrorist funds.

At a subsequent October meeting, the Intercept Forum created five task forces, each co-chaired by a private sector and public sector executive and composed of experienced executives from industry and government. The task forces are to establish standards and best practices for managing control lists; information-sharing databases; account and transaction monitoring systems; pattern recognition systems; and for obtaining global cooperation.

Ultimately, success requires leadership, commitment and vigilance. "Leadership is the starting point and the ending point," said Neubert, speaking at an Executive Technology Forum sponsored by Bank Systems & Technology, BAFT and BITS. "Senior, knowledgeable, committed leaders must be at the forefront of these efforts."

Furthermore, leaders must be prepared to delegate their existing tasks. "This isn't a part-time job," said Neubert. "In order for us to win the financial war on terrorism requires full-time commitment."

"This means the people who have been doing other tasks, who have other duties with their institutions, simply have to give up those duties if we're going to win the war," he added.

Teamwork, particularly between the public and private sectors, also holds the key to success, but with clearly defined boundaries. "The Intercept Forum agreed very early on that financial institutions are not in the business of law enforcement," said Neubert. "We clearly don't want to see tellers stopping people at the teller line and asking them to stand aside while they call the FBI."

The five task forces of the Intercept Forum include:

(1) CONTROL LIST: To review and confirm that policies and processes for gathering and reporting information to government agencies are in place and working properly.

(2) DATABASE: To develop a real-time electronic capability for regulatory and law enforcement agencies to send the identities of suspected terrorists and terrorist organizations to financial institutions. Account and/or transaction hits would, in turn, be sent back to FinCEN for further action.

Accordingly, the term "database" is a misnomer. "This is a bigger challenge than just a secure database because many institutions are not equipped to handle a straight, secure-network download and upload," said Neubert. "FinCEN will use other methods to communicate with these institutions."

The process is already underway. "We have worked with FinCEN to line up 24 institutions to do a proof-of-concept," said Neubert. "A vendor has been chosen by FinCEN for the proof-of concept that will lead to a full pilot in May."

(3) ACCOUNT AND TRANSACTION MONITORING: To identify and monitor transactions and account openings related to terrorist activity. By necessity, securing the process of account openings leads to difficult choices. Neubert advocates a national identity program, even though he's certain to face opposition.

(4) PATTERNS OF BEHAVIOR: "It's not just identifying the activity after the fact," said Neubert. "We need proactive, preemptive and preventative measures."

(5) GLOBAL COOPERATION AND BEST PRACTICES: To globally remove obstacles to the flow of information and to export bestpractices to cooperating countries.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Janice, I think I've got a message from the code father!
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.