The Bank of England is set to oversee a series of “ethical hacking” operations against financial services firms, in a bid to assess their defences against cyber crime.
Ethical hacking involves individuals attempting to penetrate networks or computer systems using the same methods as a hacker in order to find weaknesses and vulnerabilities in the target systems.
This year the Bank of England will help oversee a programme of “ethical hacking” as part of a broader assessment of the resilience of computer systems in the UK, the Financial Times reports. The programme will reportedly involve more than 20 major banks and other financial institutions.
A source familiar with the process told the newspaper, “The UK is leading the world on this – it is groundbreaking.”
Whilst many firms conduct similar tests internally, this will be the first time the authorities will oversee such a broad process. The new programme will build on last year’s process, Waking Shark II, which saw dozens of financial institutions test their cyber security.
The Financial Conduct Authority’s (FCA) risk outlook for 2014 also mentioned cybercrime. It noted that technological developments have increased the availability and use of data insights and increased the potential profits of cybercrime. The increased amount of risk has meant financial services firms have been required to “invest significantly” to improve controls, the report added.
The risk outlook said, “Cyber-crime has also received increased attention by operators of critical financial infrastructure, such as market exchanges and trading venues, since they have become high-profile targets for deliberate attempts to disrupt financial markets.”
In order to combat this, the Financial Policy Committee recommended that the FCA, the Bank of England, HM Treasury and the Prudential Regulation Authority work with core UK financial systems to put in place a programme of work to improve and test the resilience to cyber-attack.