Banks 'to highlight their cyber security'

The Bank of England and the Treasury are so worried about the cyber-security standards of leading UK financial services organisations that they have demanded board directors draw up plans to address the issue over the next six months, it has been claimed.

According to the minutes of last month's Financial Policy Committee (FPC), UK banks are set to 'review their own resilience' through a series of test attacks, reports the Telegraph.

Operation Waking Shark 2 is due to take place in mid-November and will involve every high street bank taking part in a stimulated 'war game'-type exercise during which they will be subjected to intrusions styled after those of cyber criminals.

British experts are concerned that well-directed and malicious cyber attacks could damage the UK's economic infrastructure by affecting payment systems or clearing houses.

Banks in the US have already been subjected to attempted intrusions from the Cyber Fighters of Izz ad-Din al-Qassam, who made it impossible for customers to access their accounts or make payments.

While their UK counterparts have remained relatively safe so far, the FPC has pointed out issues such as 'complex legacy IT systems' that make them especially vulnerable to certain kinds of attacks.

With this in mind, it has urged directors to take up the issue at the top level rather than simply palming it off to IT departments.

"It was important that boards of financial firms and infrastructure providers recognised their responsibility for responding to those threats, which required a combination of continuous vigilance and investment to strengthen operational resilience," the minutes said.

This follows a major report from KPMG warning that the biggest threat facing the banking industry is a new wave of cyber attacks, potentially motivated by politics or ideology rather than a desire for financial gain.

The study noted online account fraud increased by 12 per cent over the last year, highlighting the increasing need for advanced security techniques.