City firms found failing in the battle against attack from cyber sharks
Bank of England's Waking Shark II exercise reveals that police have to be called in faster
Thursday 06 February 2014
City firms have been told that they need to act more quickly and report to regulators in more detail if they become subject to cyber-attacks from criminal gangs, terrorists or hostile countries.
The Bank of England, which conducted a massive simulation exercise called Waking Shark II, representing a three-day attack on the City back in November, said this had shown that banks had made considerable progress in the last two years, but more could still be done.
The detailed review of the Waking Shark II exercise was revealed as the Business Secretary, Vince Cable, hosted a summit of regulators for the financial, water, energy, communications and transport sectors with ministers and top officials from the security and intelligence agencies, to discuss working in partnership to address cyber threats to the UK's essential services.
Waking Shark II, held on a single day in a City livery hall, simulated a three-day concerted cyber-attack on the UK's financial system by a hostile state. It was aimed at the wholesale areas of the market and was designed so that the third day included the "triple witching" when stock options and futures all expire at the same time.
The exercise included denial-of-service attacks on firms' websites, attacks on their networks and problems with closing share prices, bond clearing and payment instructions.
Andrew Bailey, a deputy governor of the Bank of England and the head of the Prudential Regulation Authority, said: "It is essential for financial stability that the UK financial system and its infrastructure continues to work towards improving its ability to withstand cyber-attacks."
The Bank of England said that Waking Shark II had worked, but that it would now consider creating a single co-ordinating body across the financial industry to manage how banks, firms and regulators communicate with each other in a cyber-attack crisis.
It said that it would look at strengthening the Cyber Security Information Sharing Partnership, set up in March last year, which connects firms and government agencies.
This partnership is complemented by a "Fusion Cell" supported on the Government side by the Security Service, GCHQ and the National Crime Agency, and by industry analysts from a variety of sectors.
The Bank also warned banks and firms that they needed to be much faster in reporting criminal attacks to the police and, if necessary, other law enforcement agencies.
It said that it would also make it clearer to firms which are regulated by both the PRA and the Financial Conduct Authority how and to whom they should report incidents.
Mr Bailey said: "The role that regulators such as the Bank of England and Ofcom are already taking to embed cyber security in their sectors is vital, as set out in a joint communiqué outlining steps that government and regulators agree to undertake to help manage cyber risk across each sector."
Mr Cable said: "Cyber-attacks are a serious and growing threat to British businesses, but it is particularly important that those industries providing essential services such as power, telecommunications and banking are adequately protected to avoid disruption to our everyday lives."
The Bank said there was demand for "further and more challenging" exercises including extending simulated cyber-attacks to firms' retail businesses.
- 1 Games of Thrones actor Lena Headey makes emotional promise to her unborn daughter
- 2 Isis burns woman alive for refusing to engage in 'extreme' sex act, UN says
- 4 Female Muay Thai champion hustles coaches to give them a beating
- 5 Picture of couple posing with beached dolphin 'that later died' causes outrage
Isis burns woman alive for refusing to engage in 'extreme' sex act, UN says
Purity balls: Girls in the US making virginity pledges as fathers vow to 'protect purity'
Puerto Rico, island of lost dreams: People are leaving the debt-hit territory in droves as near neighbour Cuba's star rises
Female Muay Thai champion hustles coaches to give them a beating
16-year-old girl beaten and burned alive by lynch mob in Rio Bravo, Guatemala
As a white man, I'm surprised more women aren't tweeting the hashtag #KillAllWhiteMen
Scotland may have to leave the EU even if it votes to stay in, David Cameron confirms
Report finds that Britain's wages are the most unequal in Europe
The day that Britain resigned as a global power
Almost a third of school pupils believe 'Muslims are taking over our country', study claims
SNP fury as HS2 finds 'no business case' for taking fast train service to Scotland
iJobs Money & Business
£40-50K: Guru Careers: We are seeking an experienced Software / C# Developer w...
£45,000 - £55,000: Neil Pavier: Are you looking for your next opportunity for ...
£45,000 - £55,000: Sheridan Maine: Are you a newly qualified ACA/ACCA/ACMA qua...
£50,000 - £60,000: Laura Norton: Are you looking for an opportunity within a w...