UK banks are being put to the test today, in a voluntary simulation designed to test their mettle in a crisis.

Led by the Financial Services Authority, and compiled with the help of the Bank of England and the finance ministry, the two part drill began at eight in the morning and will assess business continuity systems and practices in 87 UK banks – in response to reports that they are under increased attack from cyber criminals.

Extreme scenario testing

According to a Reuters report, the drill will include a simulated cyber attack on financial systems; disrupting communications and Internet access as well as wholesale- and retail-payment systems. Banks will have to deal with the fallout of fictional customers not being able to draw cash or make card payments.

A second, simultaneous simulation will replicate the potential travel disruptions that may be caused by the Olympic Games, leaving many employees unable to get to work or ATMs running out of currency because the vans carrying the cash are stuck in heavy traffic.

The watchdog will publish a summary of its findings in February and banks that struggle will have questions to answer, according to reports – even though the FSA says that “there are no ‘passes’ or ‘fails'” and that the “exercise is about firms assessing business continuity systems and updating them where necessary and about the authorities identifying areas for further attention,”.

Preparing for the worst

In light of the rise in sophisticated hacking attacks against banks and governement installations, the UK’s government systems was recently involved in a transatlantic cyber security exercise focussing on advanced persistent threats (APTs)  and SCADA hacking.

Although this is not the first FSA drill, the severity and extent of malicious infiltration has the industry is keeping a close eye on this one.

Unsurprisingly, security firms welcomed sigs that the banking sector is taking action.

“Often you see security being considered at the last minute rather than being engineered into projects and infrastructures from day one so it’s very encouraging to see an important sector like this taking part in preventative measures,” said Sian John, UK security strategist at Symantec. “Approximately 144,000 malicious files are detected each day, equating to more than 4.3 million each month. Threats are becoming increasingly targeted and focused on accessing information that can be used for malicious gain or sold on via underground markets”.

“An exercise like this will demonstrate exactly how robust their systems are and where the vulnerabilities lie.   It may mean they need to reconsider back up sites for example or rethink security altogether – whatever the results it’s a nice illustration that financial institutions are proactively looking to manage risk.”

Others warned that an exercise is only as good as the scenario it uses:  “It is very pleasing to see the financial sector taking the threat of cyber attack so seriously and we hope that other sectors will follow suit,” said Henry Harrison, technical director at BAE Systems Detica. “The key to this sort of exercise is using sufficiently representative scenarios. This is as true for cyber attack scenarios as for financial disaster scenarios – while it is simple to imagine situations such as a total loss of communications, realistic scenarios should also include the loss of confidence in the integrity of data or key systems, or indeed the loss of confidence in the confidentiality of communications between different players in the system.”

The voluntary exercise is one of the largest of its kind in the world, involving thousands of staff. 2009 saw 5,000 bank employees battle against imaginary floods, and severe weather conditions while in 2006, a hypothetical six-week flu epidemic tested companies’ ability to cope with large-scale staff absences.

Iris Cheerin

Recent Posts

US Approves SpaceX Starlink For Planes, Trains And … Ships

US FCC regulator gives its official approval for SpaceX to use its Starlink satellite internet…

4 hours ago

Bitcoin Falls Below $19,000, But Recovers Slightly Friday

Ominous sign for crypto markets? The value of Bitcoin dropped over 6 percent to below…

5 hours ago

Meta Slashes Hiring As It Braces For Downturn – Report

CEO Mark Zuckerberg tells staff to brace for a deep economic downturn, as Meta cuts…

6 hours ago

Silicon In Focus Podcast: Connected Business

Is the definition of a ‘connected business’ very different today than it was just two…

9 hours ago

BT Disappointed As CWU Votes To Strike, Despite 5 To 8 Percent Pay Rise

First strike in 35 years after BT staff with the e Communications Workers Union vote…

23 hours ago