British Banks Are Hiding Cyber Attacks

UK banks still aren’t telling regulators about all the cyber-attacks on the financial services industry despite a ten-fold increase in reports to the Financial Conduct Authority over the last four years.

"Our suspicion is that there’s currently a material under-reporting of successful cyber-attacks,” Megan Butler, the FCA’s director of supervision, has said. “The number of breaches relayed back to us looks modest when you set it against the number of attacks on the industry,” she said.

The number of material attacks reported by firms to the FCA has grown to 49 this year from five in 2014, as hacks become one of the biggest threats to the safety of the financial services industry. 

The type of hacks is also increasingly concerning for regulators and firms with ransomware making up 17% of attacks reported to the regulator, according to Ms. Butler.

The FCA opened an investigation in October into the hack of credit reporting company Equifax that saw personal data stolen from at least 143m people.

Outside of the FCA’s supervision, Uber Technologies paid hackers $100,000 (€84,770) to delete data taken from 2.7m UK customers in a 2016 security breach.

Ms. Butler emphasised the need for incidents to be reported to the regulator as they’re happening. She told the ICI global capital markets conference in London that the FCA had recently spent time with a number of US agencies looking at how they could better co-ordinate cyber supervision against the global threat. One of the challenges facing firms and regulators is the growing use of cryptocurrencies such as bitcoin in cyber-attacks.

Rob Wainwright, the director of Europol, said at a London conference last week that cryptocurrencies were a “great enabler for ransomware” because they allow people to act anonymously. 

He also highlighted the problem of cybercrime and fraud divisions in banks working separately when common actors could be better pursued together. The growing sophistication of technology is also a positive for banks though when it comes to crime.

Irish Examiner

You Might Also Read: 

RBS Bank Warns Of Increased Cybercrime:

Bank Data Breaches Are Up And It's An Inside Job:

UK Bank Fraud Landmark: TSB Repays Victim & Admits Giving Criminals Bank Accounts:

 

« 10 Things About The Network and Information Security Directive (NIS)
Bitcoin Exchanges Under Siege »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

QA Systems

QA Systems

QA Systems provides software testing solutions for safety and business critical sectors and software safety and security standards.

SecureDevice

SecureDevice

SecureDevice is a Danish IT Security company.

BlueVoyant

BlueVoyant

BlueVoyant's Cyber Defense Platform is security operations platform that provides real-time threat monitoring for networks, endpoints, and supply chains.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

BEAM Teknoloji

BEAM Teknoloji

BEAM Technology is an independent Software Quality and Security Testing Center in Turkey.

bluedog Security Monitoring

bluedog Security Monitoring

Sentinel from bluedog provides powerful and affordable internal network monitoring.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

Hook Security

Hook Security

Setting a new standard in security awareness. Hook Security is a people-first company that uses psychological security training to help companies create security-aware culture.

AVANT Communications

AVANT Communications

AVANT is a premier distributor of next generation technologies with the resources and relationships needed to successfully navigate the ever-changing world of communications and IT infrastructure.

Hetz Ventures

Hetz Ventures

Hetz Ventures is a global-facing VC investing in highly talented and ambitious Israeli founders who operate at the cutting edge of deep technology.

Security Discovery

Security Discovery

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform.

Myrror Security

Myrror Security

Myrror Security is a software supply chain security solution that aids lean security teams in safeguarding their software against breaches.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.