In the even that an electromagnetic pulse attack is launched on a financial institution’s IT equipment, the subsequent systematic damage and threat will endanger the stability of securities and futures market operation, causing the loss of trade information and the paralysis of the system. Investors’ doubts about securities and financial institutions’ information security may arise, which jeopardizes the trust in the overall financial stability. Therefore, financial institutions’ protective measures against electromagnetic pulse attacks are extremely crucial. To fortify its facilities’ defense resilience, TDCC, serving as the back-office institution of the capital market and currency market as well as the critical infrastructure provider, has been researching new attack models under the instructions of the Authority and planning feasible defensive plans. This report examines achievable protective projects against the above-mentioned EMP attacks. Through understanding countermeasures against electromagnetic pulse attacks, the report will sort out TDCC’s counteraction and resilient capabilities that can immediately restabilize and recover the information system when the company is under an electromagnetic pulse attack and encounters a comprehensive, unexpected material information security incident.

An electromagnetic pulse refers to a type of electromagnetic radiation generated from explosions (especially nuclear explosions), lightning, sunspots, conduit effect, or electric sparks from appliances. Also, an electromagnetic pulse can be produced from a drastically volatile alternating electromagnetic field resulting from photoelectrons through Compton scattering or photon scattering. An electromagnetic pulse that is conducted on electronic materials, blasting equipment, or surrounding media is called EMP, and the possible damage is as follows:

(1) The electric field changes due to the electrons generated by the explosion, and a current is generated. (2) A strong instantaneous current forms an electrical standing wave on the wire. (3) The current on the wire exceeds the load to produce a thermal destruction effect.

1. Damage to information equipment and electronic circuit (1) System damage ( electronic circuit damage ): Some components in servers and internet communication devices are attacked by an electromagnetic pulse, so the internal electronic components short-circuit due to the instantaneous overload. Irreparable permanent destruction is therefore caused (For example, semiconductor insulating layers, integrated circuits, and fuses are burnt due to overheating.) This results in the breakdown of the entire equipment, and the damage is permanent. No regular function is possible unless repairs are conducted. (although the exterior of these electronic equipment is still intact).

(2) System disturbance (short-circuit): The power from an electromagnetic pulse brings about different disruptions such as abnormal functioning, malfunction, and latch-up (For example, the instruction information coding in the computer memory is affected, resulting in procedure disorder and calculation errors. The states of the control switch, relay, and touch electric circuit are affected, causing the appliances to be out of order/control and to produce errors.)

(3) Impacts on magnetic storage facilities and media: Generally speaking, damage to a magnetic tape through a magnetic field relies on the creation of a magnetic field strength in Teslas. Immense power is needed to create this kind of magnetic field, and it’s even difficult for an unshielded magnetic field.

An artificial, high-power EMP explosion is very likely to be created through high electric current and voltage, and temporary or even permanent damage can be done to magnetic storage facilities and media functions. Furthermore, the magnetic materials will be directly affected, and then the magnetic tape of the storage media will be destroyed. In addition, some IT equipment recyclers use controllable EMP to erase such magnetic media. Therefore, an electromagnetic pulse can still have destructive effects on magnetic storage facilities and media.

(4) Impact on a server hard drive: As an EMP wave passes, with the passing of the wave peak and the reversal of the magnetic field, it tends to move backward between the front of the stronger magnetic field and the following weaker magnetic field, and thus an electromagnetic loop is created.

This loop, inducing electric current and voltage, is the cause of EMP damage and can burn the thin wires in a hard drive coil or the low-voltage parts and narrow traces in a silicon chip.

A server host is usually coated with a heavy metal case, which provides partial shielded protection. If a storage facility is enclosed inside a metal case, it can probably be protected from destruction. That is because the passing magnetic field will first induce a magnetic field in the metal case. A pulsed magnetic field has to achieve metal saturation and then disrupt the internal electronic device. If the conductive case is thick enough to induce all eddy currents, or if the pulse is too weak to achieve saturation in the metal case, the hard drive inside the case will neither be damaged nor destroyed. The data inside will not be ruined either.

In view of an EMP attack and its possible, enormous effects on information equipment, TDCC’s protective measures are as follows:

1. Establish a backup mechanism TDCC has adopted a real-time measure, maintaining the operation of the remote backup of the core system. When undergoing a material disruption (EMP pulse), the core system is switched to the remote backup center, providing uninterrupted service outward.

2. backup data storage third place Data backup is conducted daily, and a third physical magnetic tape is produced and stored individually in a third place. In the future, if the core and remote backup centers are under an electromagnetic pulse attack, and the third set can be used. Physical tape , restore the operating system .

In order to strengthen the electromagnetic pulse protection of EMP, the company will continue to pay attention to the newest EMP protection mechanism, and plan to further improve information facilities and the protection measures for the company's computer room ,including the construction of magnetic tape attack protection and building shielding protection.