Underground criminal networks pose an increased threat to
banks and fund management groups, according to a warning issued
Monday by the U.K.'s financial regulator.

These groups carry out reconnaissance on financial
organizations, plant ransomware on their network assets, and
destroy data backups to inflict maximum damage on their
victims, the acting chief operating officer of the Financial
Conduct Authority (FCA), Nausicaa Delfas, said at an industry conference. "Over
the course of 2014, we had five reports of cyber attacks from
the firms that we regulate," Delfas said. "In 2015,
this rose to 27 and in 2016 we had 89 reports. This significant
increase indicates more attacks are occurring.... There is no
shortage of criminal networks continuing to attempt to
compromise the corporate networks of our financial
institutions. We have seen a rise in the risk of targeted
network attacks being carried out against firms."

Jonathan Luff, co-founder of cyber security firm CyLon, which
advised the Bank of England, called criminal networks the
biggest single threat to most organizations in terms of
cyber risk. "Sophisticated criminal networks are the most
real and present threat to City institutions in financial
services," Luff told II in an interview.

"Yes, there are other significant threats, but the
sophistication and intent of advanced criminal networks is a
real threat to sophisticated industries."

Luff was among the cyber security experts who welcomed the
FCA and Bank of England's recent coordination on
monitoring criminal cyber activity, but warned that the figures
for reported incidents are likely only a fraction of the number
of actual attacks witnessed. "The number of reported
incidents and detected threats are probably under-estimated for
two reasons: 1) People don't always know they have been
attacked and quite often it is a long time until it is
discovered. 2) There are concerns about disclosing a breach or
a compromise," Luff said.

Despite evidence that attacks are ramping up, detection
or admission has failed to keep pace, according
to a report from consultants PwC. In the company's Global State of Information Security Survey
2017, financial services companies said the number of
detected incidents has remained flat since 2013 at between
4,600 and 4,900 annually. The report found that while detected
incidents had not significantly increased, security spending
had risen 67 percent between 2013 and 2016.

Speaking in Luton, U.K., Delfas said awareness needed to
improve. "We need to also have good detective
capabilities, to be able to recover and respond, getting back
to business as usual. This is where we need to move the
dialogue on." She urged firms to carry out robust
and comprehensive risk assessments based on the Cyber Essentials security scheme. The U.K.
regulator has also built a series of cyber coordination groups
to enable organizations to share information about cyber

Hugo Thorman, former chief executive of investment platform
Ascentric and CEO of Seccl Technology, welcomed the
introduction of working groups to share experiences. "As
far as detection is concerned, there is often very little
sharing," he told II. "Organizations don't want
to say where they have had difficulties because, by alerting,
they may undermine client confidence. As a result, you often
operate in isolation."