Bank of England ranks cyber attacks above Eurozone crisis as biggest threat

However understanding and management of this risk is still at an 'early stage', says Bank of England's Andrew Haldane

Cyber attacks have risen to the top of the list of threats for UK banks according to Bank of England's director of financial stability, Andrew Haldane, but understanding and management of the risk is still at an "early stage".

Speaking at a Treasury select committee on Wednesday, Haldane said that during recent meetings with the five top banks in the UK, four of the banks had claimed that the threat of cyber attack now present a major threat to their stability - more so than even the eurozone crisis.

However Haldane said that despite the awareness among leading banks, there was still a way to go in terms of fully understanding the risk presented.

"Four of the five identified cyber risk as having risen to the top of their list, which I thought was very interesting," Haldane said. "What was just as interesting was that the fifth firm didn't have it on their list."

"They now do, which is the source of some reassurance, but it made me think that understanding and management of this risk was still at a somewhat early stage."

Haldane added that there is a need for more action by both the Bank of England's Financial Policy Committee and the government to ensure that the financial sector is prepared the "ever-evolving" cyber threat.

"You could see why the financial sector would be a particularly good target for someone wanting to wreak havoc through a cyber route," Haldane said. "So I very much hope the FPC and wider government - as I think this has to be the wider government - would take a close look and a deep dive into the state of preparedness of the financial sector for such threats, which of course are ever-evolving. The cyber risk is one that is difficult to keep up with because it is moving at such pace over the past six to twelve months."

Symantec's UK security CTO, Sian John, warned that despite efforts on the part of both the banks and the government to prepare for attacks, more can be done to protect against the wide range of threat types.

"In 2012, financial companies and public sector institutions were the UK's most attacked businesses and organisations," John said. "Although banks continue to invest in new security technology this shows just how crucial it is for them to be ahead of the curve."

"Eighteen months ago, British banks took part in a cyber attack exercise to see how they would cope with a collapse of their telecoms, internet and other business-critical systems. With the continued threat of financial Trojans - which steal banking details - and ever more sophisticated attacks by cybercriminals, there may be cause for banks to test their systems again to ensure they are fit for purpose."

Banks in the UK have come under attack from organised cyber criminals in increasingly sophisticated attacks, however there is also the threat of state sponsored attacks. Countries including Iran and China have been accused by the US of orchestrating attacks against the financial sector in recent months.

Last month reports emerged of a significant attack against a financial exchange firm. The 167 Gbps attack was described as the largest ever targeted at a fiancial sector organisation according to security firm Prolexic.

Join the CSO newsletter!

Error: Please check your email address.

Tags Bank of Englandsecurity

More about Andrew Corporation (Australia)Symantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Matthew Finnegan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place