Data Driven Futures

Financial services to stage cyber threat drills

Written by Hannah McGrath

Banks and payments organisations will carry out co-ordinated cybersecurity drills to test their response to major incidents which could cripple sectors critical to the UK's infrastructure.

Last week it was revealed that 20 of the UK’s largest banks, insurers and security exchanges are set to launch the Financial Sector Cyber Collaboration Centre (FSCCC) to enable a co-ordinated response to the “clear and present danger” posed by hack attempts and large scale cyber attacks.

The initiative, set up by industry body UK Finance in partnership with the National Crime Security Centre (NCSC), the cyber security arm of GCHQ, and the National Crime Agency, intends to build the framework for NATO-style co-operation across the financial services sector, in which an attack on one organisation is regarded as an attack on all.

Under plans currently being devised for the FSCCC’s threat response programme, key subsections of the financial services ecosystem will stage cyber alert exercises to test their preparedness and improve joint ‘muscle memory’ in the event of a major attack that could out key sectors of the economy.

The drills, which are set to be focussed on areas such as payment services, ATMs, telephony and other critical sectors, will establish networks to enable large organisations to share their cyber defence knowledge with SMEs and start-ups, which are considered to be more vulnerable to such an attack.

The FSCCC project has been the subject of discussions between GCHQ, the Bank of England and UK Finance for the last two years, and was born of growing concerns that an incident like the WannaCry ransomware attack - which hit NHS computers in May last year - could strike financial institutions, quickly sending key sectors of the economy into meltdown as consumers and businesses are prevented from paying for goods and services.

Last week, Ciaran Martin, chief executive of the NCSC warned there was “little doubt” that a category one cyber attack - the most serious type of ‘macro attack’ which could pose a threat to life - would hit the UK in the coming years, most probably from hostile state actors determined to disrupt organisations regarded as critical national infrastructure.

The NCSC also revealed it has handled more than 10 attacks per week in the last two years, totalling 1,167 cyber incidents, including 557 in the last 12 months.

Speaking at the annual dinner for UK Finance, chairman Bob Wrigley told ministers and leaders from the financial services sector that the speed and scale of digital transformation the industry is experiencing creates new risks.

“The serious daily reality of cyber-attack from organised and sophisticated criminals and state actors is real and never far from the headlines. A financial system which is recognised globally to be amongst the most resilient to these threats will continue to attract and retain international businesses.”

The FSCCC, which is due to announce a ‘soft launch’ in the first quarter of next year, will rely on staff from UK Finance and cyber security experts from participating organisations, with a view to moving into dedicated premises as the organisation matures.

The joint cyber threat drills are intended to be a sector-specific version of the Bank of England’s cyber stress tests which are used to test the resilience of defences against an attack on its payments systems.

The week before last senior cyber security executives from the financial services industry convened at Wilton Park, the Foreign Office’s secure location in Sussex, to share knowledge on the emerging risks and discuss co-ordinated efforts to combat them.

A spokesperson for UK Finance said: “The Financial Services Cyber Collaboration Service (FSCCC) will bring the industry together to address cyber threats as they emerge, in a faster, more coordinated and effective way.

“Coordinating activities and focused operations across financial services organisations, the government and law enforcement in this way will improve the industry’s ability to detect, disrupt and protect against cyber threats.”