City firms found failing in the battle against attack from cyber sharks
Bank of England's Waking Shark II exercise reveals that police have to be called in faster
Thursday 06 February 2014
City firms have been told that they need to act more quickly and report to regulators in more detail if they become subject to cyber-attacks from criminal gangs, terrorists or hostile countries.
The Bank of England, which conducted a massive simulation exercise called Waking Shark II, representing a three-day attack on the City back in November, said this had shown that banks had made considerable progress in the last two years, but more could still be done.
The detailed review of the Waking Shark II exercise was revealed as the Business Secretary, Vince Cable, hosted a summit of regulators for the financial, water, energy, communications and transport sectors with ministers and top officials from the security and intelligence agencies, to discuss working in partnership to address cyber threats to the UK's essential services.
Waking Shark II, held on a single day in a City livery hall, simulated a three-day concerted cyber-attack on the UK's financial system by a hostile state. It was aimed at the wholesale areas of the market and was designed so that the third day included the "triple witching" when stock options and futures all expire at the same time.
The exercise included denial-of-service attacks on firms' websites, attacks on their networks and problems with closing share prices, bond clearing and payment instructions.
Andrew Bailey, a deputy governor of the Bank of England and the head of the Prudential Regulation Authority, said: "It is essential for financial stability that the UK financial system and its infrastructure continues to work towards improving its ability to withstand cyber-attacks."
The Bank of England said that Waking Shark II had worked, but that it would now consider creating a single co-ordinating body across the financial industry to manage how banks, firms and regulators communicate with each other in a cyber-attack crisis.
It said that it would look at strengthening the Cyber Security Information Sharing Partnership, set up in March last year, which connects firms and government agencies.
This partnership is complemented by a "Fusion Cell" supported on the Government side by the Security Service, GCHQ and the National Crime Agency, and by industry analysts from a variety of sectors.
The Bank also warned banks and firms that they needed to be much faster in reporting criminal attacks to the police and, if necessary, other law enforcement agencies.
It said that it would also make it clearer to firms which are regulated by both the PRA and the Financial Conduct Authority how and to whom they should report incidents.
Mr Bailey said: "The role that regulators such as the Bank of England and Ofcom are already taking to embed cyber security in their sectors is vital, as set out in a joint communiqué outlining steps that government and regulators agree to undertake to help manage cyber risk across each sector."
Mr Cable said: "Cyber-attacks are a serious and growing threat to British businesses, but it is particularly important that those industries providing essential services such as power, telecommunications and banking are adequately protected to avoid disruption to our everyday lives."
The Bank said there was demand for "further and more challenging" exercises including extending simulated cyber-attacks to firms' retail businesses.
- 1 What happens to your body when you give up sugar?
- 2 Ed Miliband less influential than One Direction's Louis Tomlinson in official Doncaster power list
- 3 Japanese island overrun with cats after population explodes
- 4 Delhi bus rapist blames dead victim for attack because 'girls are responsible for rape'
- 5 Have sex with your iPad thanks to the new sex toy no-one asked for
California teacher appears to have hanged herself in her classroom
The City of the Monkey God: Archaeologists claim to have found city lost for 1,000 years in remote Honduran jungle
Japanese island overrun with cats after population explodes
Delhi bus rapist blames dead victim for attack because 'girls are responsible for rape'
Bubonic plague-carrying fleas found on New York City rats
'Jihadi John': CAGE representative storms off Sky News accusing Kay Burley of Islamophobia
Durham Free School: 'Creationism taught at' free school facing closure
Nearly 100,000 of Britain's poorest children go hungry after parents' benefits are cut
Ukip would cut billions from Scottish budget to fund English tax cuts
End of the licence fee: BBC to back radical overhaul of how it is funded
Ukraine crisis: Top Chinese diplomat backs Putin and says West should 'abandon zero-sum mentality'
iJobs Money & Business
£15000 - £18000 per annum: Recruitment Genius: This is a great opportunity for...
£50000 - £60000 per annum + Excellent Salary: Austen Lloyd: An outstanding new...
£20000 - £21000 per annum + uncapped commission: SThree: As a graduate you are...
£18k + Uncapped Commission (£25k Y1 OTE): Guru Careers: We are seeking an Inbo...