什么电话会将雷达奥里奥,拉里·福克尔或史蒂夫·施瓦茨曼永远不会想要得到?
The one, ringing late at night from a panicked underling, informing him that he’s been hacked.
我并没有提到拒绝服务的“常见的”网络攻击,电子盗窃数据或金钱,甚至可能锁定经理的计算机。所有这些都肯定是令人不安的事件,但它们代表了相对陈旧的观点。
我预言的黑客不是恶意演员窃取专有数据的努力。相反,这种黑客的目标是操纵经理的数字信息和系统 - 对于许多公司来说,其价值主张的核心。
Data sabotage might sound surreal. It’s not: Intelligence leaders consider it the next iteration of cyberattacks. No less an authority than James Clapper, director of national intelligence, made this clear to the Senate Armed Services Committee in February, stating, “Future cyber operations will almost certainly include an increased emphasis on changing or manipulating data to compromise its integrity.”
These and other members of the intelligence community consider data manipulation a paramount concern because it disrupts the fundamental premise of our entire digital world — in the words of admiral Mike Rogers, National Security Agency director and head of U.S. Cyber Command, “that whatever we’re looking at, we can believe — whether it’s the balance in your personal account . . . or the transactions you make in the financial sector.”
Rogers recently gave a military example at a Defense Forum in California. “As a military commander, I’m used to the idea that I can walk into a darkened space with a lot of sensors coming together and look at a visual image that uses color, geography, and symbology and quickly assimilate what’s going on and make very tactical decisions,” he said. “But what happens if what I am looking at does not reflect reality [and] leads me to make decisions that exacerbate the problem I’m trying to deal with [or] make it worse?”
The analog for asset managers is that they trust the accuracy of what they see on their computer screens — trading instructions, position ledgers, performance reports, NAVs, customer balances, risk reports, and more. If their screens fail to reflect reality, they cannot make Rogers’s “tactical decisions” and, because the attack occurs stealthily over time, they cannot be sure of the veracity of historical information.
This is why such a cyberattack is asset managers’ doomsday scenario. It transcends the loss of their biggest clients, wholesale changes in personnel, or even adverse regulatory action. The affected manager would not only have to immediately cease operations, he would likely be compelled to shutter the business.
Allocators I spoke with unanimously confirmed the terminality of such an attack. The paralyzing nature of what the SEC would clearly view as a material event requiring disclosure, coupled with the ensuing loss of trust expressed through wholesale redemptions and the extirpation of all prospective investments, the certainty of multiple legal actions against the manager (especially for those handling 401(k) assets), and governmental scrutiny would force the manager out of business.
数据操作的后果是攻击ld reverberate throughout the asset management industry. Asset allocators and investment consultants would immediately scrutinize every current and prospective manager’s cyber-integrity and –resilience. Distrust would become the norm. Managers, in turn, would engage in a wholesale review of their own systems. Regulators, governments, and watchdog groups would almost certainly use this attack to reevaluate current safety measures and explore new regulations that better protect institutional and retail investors — all in the name of quelling the subsequent widespread fear and restoring trust in the financial services industry and the financial markets themselves.
I venture to say that such an attack and the resulting cascade of actions is a certainty. If the NSA itself can be hacked — which it was this August — then asset management stands little chance of avoiding this fate.
However, the question of “why” remains. I posit two possible motives for a data manipulation attack on an asset manager.
The first is financial: The hack is used to extort payment (probably in a cryptocurrency) from the manager in exchange for restoring its data and systems to their proper condition (and not making public the sabotage). This is ransomware, the modern equivalent of a Mafioso shakedown.
第二个是思想:有些男人只是想看世界燃烧。这是以网络针的主义。和资产管理人员收取哪种更好的目标,因为退休人员,大学,基金会,保险公司和主权国家的利益,以保管万亿美元的资产?