Bank of England to employ hackers

By Danny Palmer
22 Apr 2014 View Comments
The Bank of England

The Bank of England is set to employ ethical hacking and penetration testing in an effort to strengthen cyber security of banks and other financial institutions.

The scheme, as reported by The Financial Times, is known as cyber threat and vulnerability management and will be overseen by the Bank of England's director of the UK's special resolution unit, Andrew Gracie. The purpose is to test the defences of more than 20 major banks against the types of attack they're likely to experience from hackers and other cyber criminals.

Further reading

Ethical hackers will therefore use the latest methods employed by hackers working for criminal gangs, terrorist cells and rogue states in order to examine the defensive capabilities of banks when it comes to protecting against cyber attacks. Financial services firms likely to participate in the scheme reportedly include Royal Bank of Scotland and the London Stock Exchange.

Penetration testing is often used by businesses to test their internal cyber resilience, but this represents the first time such a scheme will be monitored by an outside authority in such a large-scale fashion. A similar scheme - named Waking Shark II - was undertaken last year, but on a much smaller scale.

That test represents a move by the Bank of England to shore up defences against vulnerabilities which, if left unchecked, could lead to data loss or credit card detail theft.

Indeed, banks are regular targets for cyber attacks as criminals look for a method of making a quick buck - something they're successfully achieving, as the Bank of England itself admitted in a report towards the end of last year.

Charles Sweeney, CEO of web security firm Bloxx, welcomed the introduction of cyber threat and vulnerability management.

"Banks face a relentless onslaught of persistent and sophisticated attacks because they are considered to be highly prized targets for criminals," he said.

"Last year's Waking Shark programme was a great success, but attacks evolve and develop at a rapid pace so it is no surprise that the Bank of England wants to test defences again.

"It is great to see the UK leading the way in cyber protection programmes that can make a real difference to consumers, enterprises and the economy," Sweeney added.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

36 %
33 %
12 %
19 %