Feeds

'Nervous' London bankers run mock cyberattack exercise

Banks test resilience of financial system as Occupy protestors mass outside

Protecting against web application threats using SSL

London banks are taking part in a simulated cyberattack exercise on Tuesday designed to test the resilience of the UK's financial service industry to a collapse of telecoms systems and Olympics-related transport disruption.

The exercise is occurring against the real world backdrop of the Occupy the City protestors, camped outside the Square Mile. The joint Financial Services Authority, Bank of England and Treasury initiative involves staff from around 80 banks. An outline of the scenario to be played out on Tuesday by UK Financial Sector Continuity explains that the excise will look at responses to simulated cyber-attack and internet service disruption.

We have designed a scenario that will test the ability of participants to respond to a concerted cyber attack on the financial sector. Thus, there is a strong focus upon dependencies on telecommunications and the internet as well as managing the return to business as usual.

It will also examine the impact of transport disruption against the backdrop of the Olympics.

In response to feedback, we have released the scenario well in advance so facilitators have more time to review injects and their impacts, engage the right people and in-house experts and organise their participation on exercise day. We have reduced the focus on crisis management and included a dedicated strategic element on exercise day.

Sian John, UK security strategist at Symantec, commented: "With more than 80 companies lined up to take part in the exercise today there are likely to be plenty of nervous bankers in the UK waiting to see the results of this test. Often you see security being considered at the last minute rather than being engineered into projects and infrastructures from day one so it’s very encouraging to see an important sector like this taking part in preventative measures.

"Threats are becoming increasingly targeted and focused on accessing information that can be used for malicious gain or sold on via underground markets. An exercise like this will demonstrate exactly how robust their [banking] systems are and where the vulnerabilities lie. It may mean they need to reconsider back up sites for example or rethink security altogether – whatever the results it’s a nice illustration that financial institutions are proactively looking to manage risk."

Henry Harrison, Technical Director at BAE Systems Detica, said that the scenario played out through the exercise needs to be as thorough and realistic as possible in order to yield the best possible results.

"It is very pleasing to see the financial sector taking the threat of cyber attack so seriously and we hope that other sectors will follow suit," Harrison said. "The key to this sort of exercise is using sufficiently representative scenarios. This is as true for cyberattack scenarios as for financial disaster scenarios – while it is simple to imagine situations such as a total loss of communications, realistic scenarios should also include the loss of confidence in the integrity of data or key systems, or indeed the loss of confidence in the confidentiality of communications between different players in the system." ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.