UK banks to take part in cyber attack simulation

Cyber war

The UK banking sector will take part in a simulated one-day cyber attack next month, as pressure grows on lenders to tighten up their IT security strategies.

The exercise, dubbed Operation Waking Shark 2, is designed to test the preparedness of the payment and market systems banks rely on in the face of a sustained cyber attack.

According to a Daily Telegraph report, the exercise is due to take place in mid-November, with several thousand representatives from across the financial services sector expected to take part.

The simulation is understood to have been designed by an unknown third party, with the Bank of England, HM Treasury and Financial Conduct Authority all on hand to monitor participants' performance.

"This is absolutely vital work and will enable us to see how our defences work in the event of a real attack and what areas need to be improved," a source told the Telegraph.

The exercise's results will be used to determine weaknesses in the financial institutions' cyber security strategies, with those found to be lacking expected to face calls to invest more in shoring up their defences.

A similar event was carried out in March 2011, involving more than 100 representatives from 33 financial services firms and infrastructure providers, to ascertain the strength of their online defences. That exercise was named Operation Waking Shark.

Dorian Wiskow, client managing director for financial services at Fujitsu UK and Ireland, said he was glad to hear the security systems banks use are going to be put through their paces.

"Not only are banks operating with legacy systems that in some cases have been in existence for many years, it is also a sector where innovation across new banking channels, such as online and mobile, is creating complex multi-channel IT infrastructures," said Wiskow.

"What is paramount here is the industry does not overlook or get complacent about security or place it in the too big to fix' category."

News of the exercise comes less than a week after it emerged that banks and financial institutions have been given a year to create anti-cybercrime plans, as the risk of an attack being carried out against them grows.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.