U.S. and UK to test financial cyber-security later this month

The United States and Britain will test later this month how its regulators would respond if their financial sectors suffered a major cyber-attack or broader IT problems.

LONDON, ENGLAND, UK (REUTERS) – The United States and Britain will test later this month how its regulators would respond if their financial sectors suffered a major cyber-attack or broader IT problems. The test, for which no date has yet been set, will focus on how regulators for the world’s two biggest financial centers in New York and London communicate in an emergency, a spokesman for British government cyber-security body CERT-UK said.

“Around the concept of trying to reduce cost, they’ve introduced far more third parties that have direct connections to their systems. Trying to introduce customer service, they’ve allowed far more devices for customers to use. The digital age is here. The digital age brings sophistication and therefore it is far more difficult to protect your systems and put the controls around them.” said FSO partner at EY, Andrew Barstow.

U.S. President Barack Obama and British Prime Minister David Cameron agreed last January to hold the joint exercise this year and coordinate their responses to an online attack on their financial sectors.

Businesses on both sides of the Atlantic have shown vulnerability to hacking. Just last month, hacking attacks threatened to compromise the data of 4 million customers of British telecoms company TalkTalk and 15 million clients of T-Mobile US Inc.

The CERT-UK spokesman said no final decision had been made on the exact scenarios for the exercise or the banks that would take part. The U.S. Treasury, Britain’s finance ministry, the Bank of England (BoE) and U.S. regulators would take part and intelligence agencies are also likely to play a role, he said.

“Probably the biggest threat to financial institutions is the organised crime. These are now far more organised, far more sophisticated and far better funded than they ever were. They’re more likely to perpetrate a hack that leaves something, a worm, on the system to sleep dormant and attack at a later stage” Barstow added.

The BoE said earlier this year that British banks needed to do more to bolster their defenses against cyber attacks, and might require them to conduct tests of how easily their systems could be hacked or suffer other weaknesses.