UK banks to stress test readiness for major cyberattack

Operation Waking Shark 2

Only days after the authorities gave UK-based banks a time limit to come up with cyberattack defence plans, details have emerged of a major stress test of current financial systems set for next month.

Dubbed 'Operation Waking Shark 2', according to The Daily Telegraph the test day will simulate a "severe" attack on payment providers, banks and markets to sniff out weaknesses in defence strategies, communications, and procedures.

This follows on from the smaller Waking Shark exercise that took place on the afternoon of 11 March 2011 which uncovered confusion about which bodies organisations should use to communicate with one another in the event of an attack.

Banks were also reportedly unclear about the relative roles of the Financial Services Authority (succeeded by the Financial Conduct Authority), the Serious Organised Crime Agency (now the National Crime Agency) and the Centre for the Protection of National Infrastructure (CPNI).

The size of the exercise has been greatly expanded from around 100 people that took part in 2011's exercise to a reported "several thousand" in the November 2013 follow-up.

Banks whose performance is found to be weaker than their peers will be asked to invest in better systems, the newspaper said.

"Not only are banks operating with legacy systems that in some cases have been in existence for many years, it is also a sector where innovation across new banking channels, such as online and mobile, is creating complex multi-channel IT infrastructures," commented Fujitsu UK client managing director, Dorian Wiskow.

"What is paramount here is that the industry does not overlook or get complacent about security or place it in the "too big to fix" category," he said.

According to Dana Tamir, director of enterprise security at Trusteer, banks were now a major target for a variety of attackers.

"Recent cyber-attacks on US banks have caused losses estimated in millions of dollars. Both the frequency and sophistication of such attacks is increasing. Cyber criminals are using all means available, including DDoS attacks that target the online banking systems from the outside, and advanced malware that enables the attacker to gain control over an internal employee endpoint, and attack these systems from the inside," he said.

Motivations included commercial manipulation, data theft and the emerging threat of ideological and political opposition.

Last week, it emerged that the authorities recently demanded banks to create convincing cyberdefence plans by the end of the first quarter of 2014. But not everyone is convinced that the model is fool-proof.

"Talking about inside and outside threats to banking security is an increasingly outdated way of thinking," commented Geoff Webb of NetIQ.

"Banks have to assume that they have already been breached and as a result need to act accordingly. Operation Waking Shark 2 helps banks to prepare for the external attacks that are happening on a regular basis, but banks need to address the fact that they are likely to have hackers inside their organisation already by monitoring who accesses what and when, looking for tell-tale signs of hacker activity."

Join the CSO newsletter!

Error: Please check your email address.

Tags Financial Conduct Authoritysecurity

More about Dana AustraliaFujitsu AustraliaNetIQNetIQTrusteerTrusteerTrusteer

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place