Feeds

'Nervous' London bankers run mock cyberattack exercise

Banks test resilience of financial system as Occupy protestors mass outside

Secure remote control for conventional and virtual desktops

London banks are taking part in a simulated cyberattack exercise on Tuesday designed to test the resilience of the UK's financial service industry to a collapse of telecoms systems and Olympics-related transport disruption.

The exercise is occurring against the real world backdrop of the Occupy the City protestors, camped outside the Square Mile. The joint Financial Services Authority, Bank of England and Treasury initiative involves staff from around 80 banks. An outline of the scenario to be played out on Tuesday by UK Financial Sector Continuity explains that the excise will look at responses to simulated cyber-attack and internet service disruption.

We have designed a scenario that will test the ability of participants to respond to a concerted cyber attack on the financial sector. Thus, there is a strong focus upon dependencies on telecommunications and the internet as well as managing the return to business as usual.

It will also examine the impact of transport disruption against the backdrop of the Olympics.

In response to feedback, we have released the scenario well in advance so facilitators have more time to review injects and their impacts, engage the right people and in-house experts and organise their participation on exercise day. We have reduced the focus on crisis management and included a dedicated strategic element on exercise day.

Sian John, UK security strategist at Symantec, commented: "With more than 80 companies lined up to take part in the exercise today there are likely to be plenty of nervous bankers in the UK waiting to see the results of this test. Often you see security being considered at the last minute rather than being engineered into projects and infrastructures from day one so it’s very encouraging to see an important sector like this taking part in preventative measures.

"Threats are becoming increasingly targeted and focused on accessing information that can be used for malicious gain or sold on via underground markets. An exercise like this will demonstrate exactly how robust their [banking] systems are and where the vulnerabilities lie. It may mean they need to reconsider back up sites for example or rethink security altogether – whatever the results it’s a nice illustration that financial institutions are proactively looking to manage risk."

Henry Harrison, Technical Director at BAE Systems Detica, said that the scenario played out through the exercise needs to be as thorough and realistic as possible in order to yield the best possible results.

"It is very pleasing to see the financial sector taking the threat of cyber attack so seriously and we hope that other sectors will follow suit," Harrison said. "The key to this sort of exercise is using sufficiently representative scenarios. This is as true for cyberattack scenarios as for financial disaster scenarios – while it is simple to imagine situations such as a total loss of communications, realistic scenarios should also include the loss of confidence in the integrity of data or key systems, or indeed the loss of confidence in the confidentiality of communications between different players in the system." ®

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.