British Banks Are Hiding Cyber Attacks

Uploaded on 2017-12-14 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Financial

UK banks still aren’t telling regulators about all the cyber-attacks on the financial services industry despite a ten-fold increase in reports to the Financial Conduct Authority over the last four years.

"Our suspicion is that there’s currently a material under-reporting of successful cyber-attacks,” Megan Butler, the FCA’s director of supervision, has said. “The number of breaches relayed back to us looks modest when you set it against the number of attacks on the industry,” she said.

The number of material attacks reported by firms to the FCA has grown to 49 this year from five in 2014, as hacks become one of the biggest threats to the safety of the financial services industry. 

The type of hacks is also increasingly concerning for regulators and firms with ransomware making up 17% of attacks reported to the regulator, according to Ms. Butler.

The FCA opened an investigation in October into the hack of credit reporting company Equifax that saw personal data stolen from at least 143m people.

Outside of the FCA’s supervision, Uber Technologies paid hackers $100,000 (€84,770) to delete data taken from 2.7m UK customers in a 2016 security breach.

Ms. Butler emphasised the need for incidents to be reported to the regulator as they’re happening. She told the ICI global capital markets conference in London that the FCA had recently spent time with a number of US agencies looking at how they could better co-ordinate cyber supervision against the global threat. One of the challenges facing firms and regulators is the growing use of cryptocurrencies such as bitcoin in cyber-attacks.

Rob Wainwright, the director of Europol, said at a London conference last week that cryptocurrencies were a “great enabler for ransomware” because they allow people to act anonymously. 

He also highlighted the problem of cybercrime and fraud divisions in banks working separately when common actors could be better pursued together. The growing sophistication of technology is also a positive for banks though when it comes to crime.

Irish Examiner

You Might Also Read: 

RBS Bank Warns Of Increased Cybercrime:

Bank Data Breaches Are Up And It's An Inside Job:

UK Bank Fraud Landmark: TSB Repays Victim & Admits Giving Criminals Bank Accounts:

 

« 10 Things About The Network and Information Security Directive (NIS)
Bitcoin Exchanges Under Siege »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Baker McKenzie

Baker McKenzie

Baker & McKenzie is an international law firm. Practice areas include Data & Technology.

CipherPoint Software

CipherPoint Software

CipherPoint Software provides data-centric auditing and protection solutions for securing unstructured information

Napatech

Napatech

Napatech develops and manufactures high speed network accelerators specifically designed for real-time network monitoring and analysis applications.

Atea

Atea

Atea is the market leader in IT infrastructure for businesses and public-sector organizations in Europe’s Nordic and Baltic regions.

AnchorFree

AnchorFree

AnchorFree is a Virtual Private Network services provider offering secure encrypted access to the internet.

Miradore

Miradore

Miradore is a software company specializing in effective, cloud-based device management. Our goal is to help IT Service Providers and IT departments secure and control devices.

IAR Systems

IAR Systems

IAR Systems are a frontrunner in a changing industry, and a future-proof software supplier enabling the IoT.

Onward Security

Onward Security

Onward Security provides security solutions including network & application assessment, product security testing and security consulting services.

Hawk Network Defense

Hawk Network Defense

HAWK.io is the First Fully Automated, Multi-Tenant, Cloud-Based, MDR Service Company.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

SK Shieldus

SK Shieldus

SK shieldus are a converged security provider with business capabilities in both cybersecurity and physical security based on Big-Tech.

Artjoker

Artjoker

Artjoker is a full cycle software development partner specialized in Blockchain projects and smart contract development including full cycle information security of all projects.

Strata Information Group (SIG)

Strata Information Group (SIG)

Strata Information Group (SIG) is a trusted partner in IT solutions and consulting services.

Zeta Sky

Zeta Sky

Zeta Sky offers a full range of IT and cyber-security services for your business.

CyberSec Vietnam

CyberSec Vietnam

The CyberSec Vietnam Conference on 13 June 2024 in Ho Chi Minh City focuses on the critical pursuit of building trust in digital networks and fortifying Vietnam's cybersecurity ecosystem.

Disecto Technologies

Disecto Technologies

At Disecto, we provide SaaS based Data Discovery, Classification and a remediation solution for data privacy compliance.