british banks keep cyberattacks under wraps to protect image
Last Updated : GMT 05:17:37
Emiratesvoice, emirates voice
Emiratesvoice, emirates voice
Last Updated : GMT 05:17:37
Emiratesvoice, emirates voice

British banks keep cyberattacks under wraps to protect image

Emiratesvoice, emirates voice

Emiratesvoice, emirates voice British banks keep cyberattacks under wraps to protect image

Banks are increasingly sensitive to the brand damage caused by IT failings, say experts.
London - Arab Today

Britain’s banks are not reporting the full extent of cyberattacks to regulators for fear of punishment or bad publicity, bank executives and providers of security systems say.
Reported attacks on financial institutions in Britain have risen from just 5 in 2014 to 75 so far this year, data from Britain’s Financial Conduct Authority (FCA) show.
However, bankers and experts in cyber-security say many more attacks are taking place. 
In fact, banks are under almost constant attack, Shlomo Touboul, CEO of cyber security firm Illusive Networks said.
Touboul cites the example of one large global financial institution he works with which experiences more than two billion such “events” a month, ranging from an employee receiving a malicious e-mail to user or system-generated alerts of attacks or glitches.
Machine defenses filter those down to 200,000, before a human team cuts that to 200 “real” events a month, he added.
Banks are not obliged to reveal every such instance as cybertattacks fall under the FCA’s provision for companies to report any event that could have a material impact, unlike in the US where forced disclosure makes reporting more consistent.
“There is a grey area...Banks are in general fulfilling their legal obligations but there is also a moral requirement to warn customers of potential losses and to share information with the industry,” Ryan Rubin, UK managing director, Security & Privacy at consultant Protiviti, said.

SWIFT ACTION

Banks are not alone in their reluctance to disclose every cybertattack. Of the five million fraud and 2.5 million cyber-related crimes occurring annually in the UK, only 250,000 are being reported, government data show.
But while saving them from bad publicity or worried customers, failure to report more serious incidents, even when they are unsuccessful, deprives regulators of information that could help prevent further attacks, the sources said.
A report published in May by Marsh and industry lobby group TheCityUK concluded that Britain’s financial sector should create a cyber forum comprising bank board members and risk officers to promote better information sharing.
Security experts said that while reporting all low level attacks such as e-mail “phishing” attempts would overload authorities with unnecessary information, some banks are not sharing data on more harmful intrusions because of concerns about regulatory action or damage to their brand.
The most serious recent known attack was on the global SWIFT messaging network in February, but staff from five firms that provide cyber security products and advice to banks in Britain told Reuters they have seen first-hand examples of banks choosing not to report breaches, despite the FCA making public pleas for them to do so, the most recent in September.
“When I moved from law enforcement to banking and saw what banks knew, the amount of information at their disposal, I thought ‘wow’, I never had that before,” Troels Oerting, Group Chief Information Security Officer at Barclays and former head of Europol’s Cyber Crime Unit, said.
Oerting, who joined Barclays in February last year, said since then banks’ sharing of information with authorities has improved dramatically and Barclays shares all its relevant information on attacks with regulators.
Staff from five firms that provide cyber security products and advice to banks in Britain told Reuters they have seen first-hand examples of banks choosing not to report breaches.
“Banks are dramatically under-reporting attacks, they do what’s legally required but out of embarrassment or fear of punishment they aren’t giving the whole picture,” one of the sources, who declined to be named because he did not want to be identified criticizing his firm’s customers, said.
Apart from Barclays, the other major British banks all declined to comment on their disclosures. The Bank of England declined to comment and the FCA did not respond to requests for comment.

KEEPING SECRETS

Companies that use external security systems also do not always inform them of attacks, the sources said.
“Our customers sometimes detect attacks but don’t tell us,” Touboul, whose firm helps protect banks’ SWIFT payment networks by luring attackers to decoy systems, said.
Hackers used the bank messaging system that helps transmit billions of dollars around the world every day to steal $81 million in one of the largest reported cyber-heists.
Targeted attacks, in which organized criminals penetrate bank systems and then lurk for months to identify and profile key executives and accounts, are becoming more common, David Ferbrache, technical director Cybersecurity at KPMG and former head of cyber and space at the UK Ministry of Defense, said.
“The lesson of the SWIFT attack is that the global banking system is heavily interconnected and dependent on the trust and security of component members, so more diligence in controls and more information sharing is vital,” Ferbrache said.
“Big banks are spending enormous amounts of money, $400-500 million a year, but there are still vulnerabilities in their supply chains and in executives’ home networks, and organized crime groups are shifting their focus accordingly,” Yuri Frayman, CEO of Los Angeles-based cyber security provider Zenedge, said.

BRAND DAMAGE

Banks are increasingly sensitive to the brand damage caused by IT failings, perceiving customers to care just as deeply about security and stable service as loan or deposit rates.
Former RBS Chief Executive Stephen Hester waived his bonus in 2012 over a failed software update which caused chaos for thousands of bank customers.
And HSBC issued multiple apologies to customers after its UK personal banking websites were shuttered by a distributed denial of service (DDoS) attack, following earlier unrelated IT glitches.
“People don’t care about a 0.1 percent interest rate change but ‘will this bank do the utmost to keep my money and information safe?’” Oerting said.

Source: Arab News

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

british banks keep cyberattacks under wraps to protect image british banks keep cyberattacks under wraps to protect image

 



Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

british banks keep cyberattacks under wraps to protect image british banks keep cyberattacks under wraps to protect image

 



GMT 10:31 2014 Tuesday ,23 December

Mirages of failure: Lebanon cannot wait

GMT 10:42 2017 Saturday ,14 October

Norway seeks 'Tesla tax' on electric cars

GMT 09:36 2017 Friday ,13 October

China urges US to 'preserve' Iran nuclear deal

GMT 14:41 2016 Friday ,07 October

Iranian President Arrives in Malaysia

GMT 09:20 2017 Tuesday ,12 September

Singer Miriam Clinci says she did not insult veil

GMT 23:11 2017 Wednesday ,18 October

Man jailed for filming worker in shower in Dubai

GMT 09:27 2018 Tuesday ,09 January

Prague's astronomical clock stops for six months

GMT 07:37 2016 Sunday ,29 May

WHO rejects calls to move Olympics

GMT 08:10 2017 Thursday ,23 November

Politicians, war criminals: 10 top figures

GMT 09:30 2017 Tuesday ,10 January

Iraq eyes recapture of east Mosul

GMT 10:09 2017 Monday ,27 November

Wafaa Amer reveals reason of "The Flood

GMT 06:04 2014 Wednesday ,05 November

Human insulin priority for health ministry

GMT 16:34 2017 Saturday ,18 March

Long before new hacks, US worried by Russian spying

GMT 10:21 2017 Friday ,19 May

Turkey seeks arrest of owner
 
 Emirates Voice Facebook,emirates voice facebook  Emirates Voice Twitter,emirates voice twitter Emirates Voice Rss,emirates voice rss  Emirates Voice Youtube,emirates voice youtube  Emirates Voice Youtube,emirates voice youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

emiratesvoieen emiratesvoiceen emiratesvoiceen emiratesvoiceen
emiratesvoice emiratesvoice emiratesvoice
emiratesvoice
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
emiratesvoice, Emiratesvoice, Emiratesvoice