Nigel Davies, Head of Secured Navigation, QinetiQ

Nigel Davies
Nigel Davies

Over the past decade the nature of the threats to society have evolved beyond the physical world in which they traditionally operated. Almost every sector that relies on an internet connection is now at risk from state-sponsored cybercrime and criminal hacking. Unsurprisingly, such activity is posing an increasing threat to the financial trading sector.

Precise timing and synchronisation of financial transactions is critical to markets worldwide, mandated by regulation in the European Union and increasingly required in the United States. High frequency transactions (HFT) involve moving millions of dollars in the space of seconds, with monetary values adjusting and reacting to real-time updates. To support this the industry relies on Global Navigation Satellite Systems (GNSS) such as GPS or Galileo to remain in sync through incredibly accurate timestamps. The MiFID II legislation, announced last year and coming into effect across the EU in 2018, dictates that trades have to be traceable up to 1 microsecond – one millionth of a second. The reliance on such miniscule accuracies and coordination makes GNSS an obvious target for those looking to attack the financial industry.

While GNSS have become a phenomenally successful, ubiquitous and reliable source of accurate time, it suffers from two fundamental vulnerabilities.

The first is in the strength of the GNSS signals which are used by receivers to calculate time and position. An attacker who is able to transmit additional ‘noise’ over the top of GNSS signals can stop a receiver from working properly, or at all. This kind of attack is achieved through devices known as ‘jammers’. The most basic of jamming devices work by broadcasting an excessive noise over the GNSS signal, resulting in the receiver’s inability to lock onto the signals broadcast by the GNSS satellites.

The other vulnerability is the ease with which a false signal can be transmitted by an attacker to trick a receiver into generating a false position or time. This is known as a spoofing attack. The open access GNSS signals which are widely used today by non-military users are defined by open standards published on the internet. While this has led to a vibrant market in GNSS devices, it also means that the signals can be spoofed by attacker.

These two factors combine to make the civilian satellite systems used by the financial trading sector highly vulnerable to tampering, blocking and disruption.

Interfering with a GNSS signal could have consequences for trading bodies calculating the correct time of trades and keeping up with real-time trade requests. Even an event that lasted only a couple of seconds may impact system performance or even cause a crash as timings between networks fail to match. In the era of HFT, this could be costly. Audit trails would also become confused, with one party buying and receiving the share before the other has ‘officially’ sold it. This is crucial when regulators have started to clamp down on HFT fraud; an inability to unravel HFT trails could leave the industry open to market rigging.

The UK is quickly coming to terms with this new age of threats and is looking to future technologies which can effectively secure the nation’s critical infrastructure against them. A new generation of multi-constellation, multi-frequency (MCMF) receivers provide security to a range of threats affecting GNSS by accessing multiple satellite constellations and signal frequencies at once, increasing robustness and security for time-stamping as demanded by financial trading regulators.

In addition, the European Galileo system will introduce a secure, encrypted signal, the Public Regulated Service (PRS), which will be available to government-authorised organisations; financial infrastructures are candidates for inclusion. PRS adds additional resilience against interference and spoofing. Combining an encrypted GNSS services with new MCMF receivers minimises the likelihood of system crashes and timestamp manipulation resulting from spoofing and jamming events.

With the threat of interference significantly reduced, the financial trading sector can be effectively secured on an operational level, safeguarding its future in an era of growing technological threats.

Comments are closed