The bank of England was one of the major coordinators of the cyber war game testing London's finance sector

Cyber-attack war game tests London's banks

A fake cyber-attack conducted by a foreign government and a denial-of-service attack disabling users’ networks were among scenarios tested during the Waking Shark II operation.

Some 100 bankers, regulators, government officials and market infrastructure providers gathered at the Plaisterers Hall in the City of London on Tuesday to take part in the exercise dubbed "Waking Shark II".

The war game, running for five and half hours starting at 12 pm involved simulations testing how well banks and other market players communicate and coordinate with authorities and each other when under attack.

A source participating in the exercise told Reuters the test was "productive", leaving participants better equipped to deal with a real-life attack.

The finance ministry, Bank of England and the Financial Conduct Authority said the exercise had been "sustained and intensive".

"A thorough review of the lessons learned is underway to identify potential improvements to the resilience of the sector," their joint statement added. A report will be published in early 2014.

The event, one of the largest of its kind in the world, follows a similar large-scale simulation in New York this year dubbed "Quantum Dawn 2" and comes amid heightened fears over the threat from hacking and cyber-attacks.

"This is a good opportunity to iron out any flaws now before our cyber defences are tested in anger," said Stephen Bonner, a partner in KPMG's Information Protection & Business Resilience team.

Richard Horne, a partner at PricewaterhouseCoopers who specialises in cyber security, said the exercise was useful but the real challenges lay in coordinating across the industry to make sure a crisis scenario never happens.

"It will take a lot of detailed technical work and testing, coordinated across the industry, to really understand all the interdependencies and develop meaningful containment and recovery plans," Horne said.

The investment banking industry itself played a key role in co-ordinating the exercise, along with the Bank of England, the Treasury and the Financial Conduct Authority (FCA) and follows a similar exercise two years ago, the sources said.

Institutions involved in this year's test included Barclays , BNP Paribas, Bank of America, CHAPS, Commerzbank, Credit Suisse, Deutsche Bank , Euroclear, Goldman Sachs, HSBC, JP Morgan, LCH Clearnet, London Stock Exchange, Morgan Stanley, Nomura, Royal Bank of Scotland , SocGen, SWIFT and UBS, according to a source familiar with the matter.

Regulators and companies are growing increasingly concerned about the threat of cyber- crime to the banking system, including the impact of coordinated online assaults or hacking attacks on specific lenders.

One unidentified London-listed company incurred losses of £800m in a cyber-attack several years ago, according to British security services.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them

Close