British Banks Are Hiding Cyber Attacks

Uploaded on 2017-12-14 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

UK banks still aren’t telling regulators about all the cyber-attacks on the financial services industry despite a ten-fold increase in reports to the Financial Conduct Authority over the last four years.

"Our suspicion is that there’s currently a material under-reporting of successful cyber-attacks,” Megan Butler, the FCA’s director of supervision, has said. “The number of breaches relayed back to us looks modest when you set it against the number of attacks on the industry,” she said.

The number of material attacks reported by firms to the FCA has grown to 49 this year from five in 2014, as hacks become one of the biggest threats to the safety of the financial services industry. 

The type of hacks is also increasingly concerning for regulators and firms with ransomware making up 17% of attacks reported to the regulator, according to Ms. Butler.

The FCA opened an investigation in October into the hack of credit reporting company Equifax that saw personal data stolen from at least 143m people.

Outside of the FCA’s supervision, Uber Technologies paid hackers $100,000 (€84,770) to delete data taken from 2.7m UK customers in a 2016 security breach.

Ms. Butler emphasised the need for incidents to be reported to the regulator as they’re happening. She told the ICI global capital markets conference in London that the FCA had recently spent time with a number of US agencies looking at how they could better co-ordinate cyber supervision against the global threat. One of the challenges facing firms and regulators is the growing use of cryptocurrencies such as bitcoin in cyber-attacks.

Rob Wainwright, the director of Europol, said at a London conference last week that cryptocurrencies were a “great enabler for ransomware” because they allow people to act anonymously. 

He also highlighted the problem of cybercrime and fraud divisions in banks working separately when common actors could be better pursued together. The growing sophistication of technology is also a positive for banks though when it comes to crime.

Irish Examiner

You Might Also Read: 

RBS Bank Warns Of Increased Cybercrime:

Bank Data Breaches Are Up And It's An Inside Job:

UK Bank Fraud Landmark: TSB Repays Victim & Admits Giving Criminals Bank Accounts:

 

« 10 Things About The Network and Information Security Directive (NIS)
Bitcoin Exchanges Under Siege »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Lloyd's

Lloyd's

As an insurance market, Lloyd’s can provide access to more than 65 expert cyber risk insurers in one place.

Panaseer

Panaseer

Panaseer is an enterprise cybersecurity automation and data analytics company that helps organizations stop preventable breaches by ensuring security controls are working effectively.

OnSystem Logic

OnSystem Logic

OnSystem Logic has developed a unique, patent-pending solution to solve the problem of the exploitation of flaws in application software as a technique for cyber attacks.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

Cycuity

Cycuity

Cycuity (formerly Tortuga Logic) is a cybersecurity company that is transforming the way we secure silicon with comprehensive hardware security assurance.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

Fortiphyd Logic

Fortiphyd Logic

Fortiphyd Logic equips operators of the power grid, oil & gas, and other critical infrastructure with the tools and training they need to defend their industrial networks from advanced cyberattacks.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

BriskInfosec Technology & Consulting

BriskInfosec Technology & Consulting

BriskInfosec provides information security services, products and compliance solutions to our customers.

Condition Zebra

Condition Zebra

Condition Zebra has wide experience in providing IT Security Services, Training, and Certification in the field of cybersecurity.

LastPass

LastPass

LastPass provides award-winning password and identity management solutions that are convenient, effortless, and easy to manage.

Certera

Certera

Certera is a modern and affordable SSL Certificate, Code Signing Certificate, and Cyber Security Services provider.

CovertSwarm

CovertSwarm

Since 2020 CovertSwarm have been radically redefining how enterprise security risks are discovered. We outpace the cyber threats faced by our clients using a constant cyber attack methodology.

Clango

Clango

Clango employs an identity-centric approach to optimizing your cybersecurity investment while minimizing risk.

Norwegian Data Protection Authority (Datatilsynet)

Norwegian Data Protection Authority (Datatilsynet)

The Norwegian Data Protection Authority (Datatilsynet) is the national data protection authority for Norway.