[Infowarrior] - U.S. Tightens Security for Economic Data
Richard Forno
rforno at infowarrior.org
Tue Jul 17 09:18:45 CDT 2012
July 16, 2012
U.S. Tightens Security for Economic Data
By JOHN H. CUSHMAN Jr.
http://www.nytimes.com/2012/07/17/business/labor-dept-tightens-security-for-market-sensitive-data.html
WASHINGTON — On Tuesday morning at precisely 8:30, after a 10-second countdown synchronized to the Naval Observatory’s atomic clock, a Labor Department official flipped a master switch in the agency’s battened-down pressroom and computers blurted out the monthly Consumer Price Index.
Until that moment, the market-sensitive data was guarded with launch-code secrecy, a precaution against anyone who might try to take advantage of an accidental or a surreptitious leak to gain an insider’s edge in the financial markets, turning milliseconds into millions.
Yet for all the rituals of high security, government officials have become increasingly nervous that their process is vulnerable, and are now overhauling it.
After a yearlong review that included scrutiny by anti-hacking specialists from Sandia National Laboratories, officials at the Labor Department revoked the credentials of a few little-known news organizations that appeared to serve financial clients rather than the public at large.
The government has also ordered other media groups to replace their computers in the lockup room with new computers under tighter controls.
The efforts stem from the newfound importance of high-speed trading, which began to grow significantly in the middle of the last decade and is now a central part of some hedge funds’ investment strategies. By gaining information seconds or minutes before others, high-speed traders — sometimes known as high-frequency or algorithmic traders — can use the computerized nature of modern finance to make quick profits or, if a bet goes wrong, take large losses.
In addition to the inflation numbers, the lockup process, in use at several agencies, covers releases on economic growth, home sales, gas prices, corn yields and the unemployment rate, among other things.
The Labor Department’s overhaul was ignited by inquiries starting in 2007 from the F.B.I., the Securities and Exchange Commission and the department’s own inspector general. Officials did not cite any specific major breach of security, but they had grown concerned that one was possible. Two instances in 2008, when Reuters accidentally released data a few seconds too early, heightened concerns.
The clampdown has strained the Labor Department’s relations with some of the world’s biggest news agencies, including Reuters and Bloomberg News. In negotiations with the department and at a fractious Congressional hearing, the companies suggested the government was taking extreme measures against an imagined threat.
At the center of the Labor Department’s effort was a so-called Red Team from Sandia Labs, a federally financed research group operated by a subsidiary of Lockheed Martin, which has half a century of experience in computer security, including work on the military’s command and control networks.
The “root cause” for the review, the team noted, was the possibility of traders or their agents working inside the lockup.
Acting on the team’s recommendations, Labor Department officials sought a wholesale replacement of the computer equipment in the lockup room. The replacement is scheduled to happen by September, although further steps to shield against surreptitious transmissions are possible later.
At a hearing of the House Committee on Oversight and Government Reform last month, the former Bureau of Labor Statistics commissioner Keith Hall explained the main worry, which is that the growing reliance on high-speed trading had created the potential for participants in the media lockup to give an unfair advantage to traders.
“Lockup participants may now have access to specialized computer equipment and software that links them directly toautomated trading models,” he noted. “This effectively allows financial market transactions to be driven from inside lockups.”
Carl Fillichio, the Labor Department official in charge of the overhaul, described a series of malfunctions and violations over the last few years, including the installation of fiber optic cables in the lockup room without permission or the use of BlackBerrys or mobile phone cameras. Media companies themselves have complained about competitors who “may have gained unfair advantage in speed of transmission or have surreptitiously broken embargoes,” Mr. Fillichio added in his testimony.
Some members of the media, however, say the crackdown is unnecessary. (The New York Times does not participate in the Labor Department lockup.)
“What is the problem you think, you imagine that this will prevent?” asked Daniel Moss, an executive editor at Bloomberg News, in an April conference call between Mr. Fillichio and news organizations. Mr. Moss, plainly exasperated, repeated the question several times but got no clear answer.
Government officials consider the potential security problems to be real. After a five-member team from Sandia Labs visited the lockup room last July, it identified “verified vulnerabilities in processes, procedures and systems used to protect” embargoed data, according to the summary of its report.
The team warned about methods of sneaking information out, such as by hidden transmitters, or bypassing the black boxes and master switches that keep the lockup room under electronic quarantine through other means, like wireless Internet. The team noted that “likely adversaries” had the technical and financial resources and possibly the willingness “to bend and potentially violate rules and laws.”
But it said any culprits were unlikely to “employ violent means to meet their goal of exfiltrating embargoed data prior to the official release time.”
At the oversight hearing, Mr. Moss of Bloomberg News argued that traditional media outlets were not the problem and suggested that the Labor Department instead expel those groups connected to algorithmic traders from the lockup.
Ultimately, the Labor Department did pull the credentials of a few organizations — including Need to Know News, a small enterprise owned by the German exchange. Its data goes directly from the lockups to specialized trading programs. Mr. Fillichio explained that they were not “primarily journalistic” and did not “disseminate their information to a wide audience.”
Chris Rhea, chief executive of Need to Know News, referred questions to a spokesman, who did not respond.
In the initial stages of the crackdown, Mr. Fillichio ordered lockup participants to use government computers, transmission lines and even pens and pencils and paper while inside the lockup. Media groups objected.
“This proposal threatens the First Amendment,” Mr. Moss said at the oversight hearing, adding that it would give the government “access to a reporters’ thoughts, drafts or notes as a condition for covering the news.”
After another round of negotiations, the government backed off a bit. For now, some equipment owned by media companies is expected to stay. But over the next few months they will have to deliver new, shrink-wrapped terminals, which will be subject to inspection and maintenance by Labor Department technicians.
One question that is still unresolved is how many seats each organization will be allowed.
Space is tight in the lockup. And paradoxically, all the attention to this obscure room on a drab corridor has brought newcomers knocking, as if at the door of a speakeasy.
This article has been revised to reflect the following correction:
Correction: July 16, 2012
An earlier version of this article misstated Mr. Moss’s title at Bloomberg News as executive director.
---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
More information about the Infowarrior
mailing list