Bank of England sends in hackers to test lenders’ defences


EConomics Editor

The Bank of England is to let hackers loose on Britain’s biggest banks to test their defences against cyber-attacks.

Under the Bank’s new framework, known as CBEST, hackers working for private security firms will identify the vulnerabilities of individual institutions, and replicate the methods of malicious attackers.

The Bank said its simulation would be superior to the digital security checks currently used by financial firms because it would be based on real threat intelligence and focus on the more sophisticated potential attacks on systems.

The move follows last year’s recommendation from the Bank’s Financial Policy Committee to beef up the resilience of the financial system to malicious hacking and cyber-crime.

Andrew Gracie, the Bank’s executive director of resolution, unveiled the new framework at the British Bankers’ Association cyber conference. “The idea of CBEST is to bring together the best available threat intelligence from government and elsewhere, tailored to the business model and operations of individual firms, to be delivered in live tests, within a controlled testing environment,” he said.

“Unlike physical attacks which are localised, these attacks are international and know no boundaries. Cyber defence, as a result, has become not a matter of designing a hard perimeter that can repel attacks but detecting where networks have been penetrated and responding effectively.”

The results, including the extent of the access the licensed hackers gain and the damage they could potentially cause, will be shared with both the individual banks and the Prudential Regulation Authority.

“The results should provide a direct read-out on a firm’s capability to withstand cyber-attacks which – on the basis of current intelligence – have the most potential, combining probability and impact, to have an adverse impact on financial stability” Mr Gracie said.

The industry will not be forced to take part but the Bank, which unveiled CBEST unofficially two weeks ago, has seen strong interest from financial institutions. It will cost a bank about £100,000 to have its systems tested under the new regime, which cost about £200,000 to develop.

The internet security giant McAfee has estimated the global cost of cyber-crime at £266bn. In December, the Royal Bank of Scotland said its platform was briefly attacked by hackers, causing problems for customers trying to get access to their accounts.

The Bank expects to have 18 testing companies and nine intelligence firms accredited to carry out the tests after working with the Council for Registered Ethical Security Testers and the intelligence firm Digital Shadows to develop new industry  standards.

The Bank told City firms in February they needed to act more quickly and report to regulators in more detail if they became subject to cyber-attacks from criminal gangs or terrorists. The warning followed a three-day exercise, Waking Shark II, which simulated an attack on the City.

Start your day with The Independent, sign up for daily news emails
ebooksA special investigation by Andy McSmith
  • Get to the point
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Money & Business

Recruitment Genius: Client Services Assistant

£18000 - £20000 per annum: Recruitment Genius: A Client Services Assistant is ...

Ashdown Group: Junior Application Support Analyst - Fluent German Speaker

£25000 - £30000 per annum + benefits: Ashdown Group: A global leader operating...

Ashdown Group: Training Coordinator - Financial Services

£32000 - £38000 per annum + benefits: Ashdown Group: A highly successful, inte...

Recruitment Genius: Business Development Executive - Affiliates & Partnerships

£20000 - £35000 per annum: Recruitment Genius: This multi-award winning foreig...

Day In a Page

No postcode? No vote

Floating voters

How living on a houseboat meant I didn't officially 'exist'
Louis Theroux's affable Englishman routine begins to wear thin

By Reason of Insanity

Louis Theroux's affable Englishman routine begins to wear thin
Power dressing is back – but no shoulderpads!

Power dressing is back

But banish all thoughts of Eighties shoulderpads
Spanish stone-age cave paintings 'under threat' after being re-opened to the public

Spanish stone-age cave paintings in Altamira 'under threat'

Caves were re-opened to the public
'I was the bookies’ favourite to be first to leave the Cabinet'

Vince Cable interview

'I was the bookies’ favourite to be first to leave the Cabinet'
Election 2015: How many of the Government's coalition agreement promises have been kept?

Promises, promises

But how many coalition agreement pledges have been kept?
The Gaza fisherman who built his own reef - and was shot dead there by an Israeli gunboat

The death of a Gaza fisherman

He built his own reef, and was fatally shot there by an Israeli gunboat
Saudi Arabia's airstrikes in Yemen are fuelling the Gulf's fire

Saudi airstrikes are fuelling the Gulf's fire

Arab intervention in Yemen risks entrenching Sunni-Shia divide and handing a victory to Isis, says Patrick Cockburn
Zayn Malik's departure from One Direction shows the perils of fame in the age of social media

The only direction Zayn could go

We wince at the anguish of One Direction's fans, but Malik's departure shows the perils of fame in the age of social media
Young Magician of the Year 2015: Meet the schoolgirl from Newcastle who has her heart set on being the competition's first female winner

Spells like teen spirit

A 16-year-old from Newcastle has set her heart on being the first female to win Young Magician of the Year. Jonathan Owen meets her
Jonathan Anderson: If fashion is a cycle, this young man knows just how to ride it

If fashion is a cycle, this young man knows just how to ride it

British designer Jonathan Anderson is putting his stamp on venerable house Loewe
Number plates scheme could provide a licence to offend in the land of the free

Licence to offend in the land of the free

Cash-strapped states have hit on a way of making money out of drivers that may be in collision with the First Amendment, says Rupert Cornwell
From farm to fork: Meet the Cornish fishermen, vegetable-growers and butchers causing a stir in London's top restaurants

From farm to fork in Cornwall

One man is bringing together Cornwall's most accomplished growers, fishermen and butchers with London's best chefs to put the finest, freshest produce on the plates of some of the country’s best restaurants
Robert Parker interview: The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes

Robert Parker interview

The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes
Don't believe the stereotype - or should you?

Don't believe the stereotype - or should you?

We exaggerate regional traits and turn them into jokes - and those on the receiving end are in on it too, says DJ Taylor