Threat Management

UK Banks not reporting cyber-attacks

Many cyber-attacks on large UK banks never go reported according to experts. Reuters reported that despite the Financial Conduct Authority reporting a large uptick in reported attacks against banks, reaching 75 so far this year, many banks are still not reporting those attacks.

The international newswire quoted Shlomo Touboul, chief executive of Illusive Networks who said that banks often experience millions, sometimes billions, of ‘events' a month and report only a few.

The UK has no general reporting requirements, meaning that banks aren't always compelled to tell authorities, or their customers about cyber-attacks, except in cases of ‘serious breaches'. One might say that reporting every single attack, given their frequency, would be a waste of time for the banks and the Information Commissioner's Office (ICO).

Not necessarily, Mark James, security specialist at ESET told “Reporting every one of those attempts would indeed clog systems with lots of unnecessary information and I'm sure there will be a lot that never makes the light of day. However, the problem of course is perceived security, as more and more breaches happen and more malware is being used to target financial systems, then the damage caused when things go wrong can be so great decisions will be made to keep it quiet. However, with the public becoming more aware of the damage caused by lapsed security, this may influence the decision on who is to look after their savings and daily finances in the future.”

James added, “the public have a right to know what a company is doing regarding security and privacy, because only then can they make an informed decision based on facts.”

This news seems to have come at a relevant time considering that it was only last Tuesday that the G7, a group of the most powerful countries on earth, released a set of guidelines for the financial industry on cyber-security.

The document sets out not rules, but ‘non-binding principles', stating that sharing information with public bodies and within the sector is paramount to advancing the health of the sector:

“Sharing broader insights among entities, between entities and public authorities, and among public authorities deepens collective understanding of how attackers may exploit sector-wide vulnerabilities that could potentially disrupt critical economic functions and endanger financial stability.”

This, the note adds, is also a problem for regulators: “Given its importance, entities and public authorities should identify and address impediments to information sharing”.

While the City of London Police declined to comment the National Police Chief's Council's Lead for Cybercrime offered one. Deputy Chief Constable Peter Goodman told SC that, “the banking sector actively support our protect, prepare, prevent and pursue strategy and are directly linked in with police forces and Regional Organised Crime Units (ROCU's)." Goodman added that police are actively working with banks on a variety of initiatives to report crime and protect customers. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.