Recent cyber attacks reveal bank vulnerabilities, says Bank of England

Several banks targeted in last six months

Several banks have been targeted in cyber attacks in the past six months, disrupting services and highlighting the vulnerabilities of their IT infrastructure.

In its 'Financial Stability Report', the Bank of England warned that continued attacks against UK financial institutions could result in "significant" costs for the sector.

"Cyber attack has continued to threaten to disrupt the financial system. In the past six months, several UK banks and financial market infrastructures have experienced cyber attacks, some of which have disrupted services," the BoE said.

"While losses have been small relative to UK banks' operational risk capital requirements, they have revealed vulnerabilities. If these vulnerabilities were exploited to disrupt services, then the cost to the financial system could be significant and borne by a large number of institutions."

The report states that bank vulnerabilities are largely due to a high degree of connectedness, centralised market infrastructure and "complex IT systems".

The BoE said that a programme of work has now been developed to "assess, test and improve the financial system's resilience to cyber attack".

The report follows a meeting of the Bank's Financial Policy Committee (FPC) earlier this year, where regulators were called to ensure that "concrete plans" are put in place by UK bank leaders to deliver a high level of protection to rapidly evolving cyber threats.

A recent exercise dubbed 'Operation Waking Shark 2' was conducted to simulate an attack on payment providers, banks and markets to find weaknesses in defence strategies, communications, and procedures.

The BoE's executive director of financial stability, Andrew Haldane, claimed that cyber attacks are being taken increasingly seriously by leaders at the large UK banks, presenting a greater threat than the Eurozone crisis.

Tags: Bank of England, security

DDoS botnets already smarter, fiercer in 2014: Imperva Incapsula

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Security and Data Protection

Protect your computers and data.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).

  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.