London Banks Test Defences in ‘Waking Shark 2’ Cyber Attack Exercise

Employees at London-based banks have participated in war games designed to simulate cyber attacks in order to test each financial institution’s defenses against real threats.

The war games exercise, dubbed ‘Waking Shark 2’ was announced last month and involves bank staff, regulators and government officials gathering to play out how they would react to various attacks, such as a hit on stock exchange systems.

The aim is to test market participants’ ability to quickly and effectively respond to attacks on various parts of their businesses, such as ensuring that automated teller machines (ATMs) remain stocked with cash. There is also a focus on how companies co-operate with other firms and regulators.

The first ‘Waking Shark’ was mounted in March 2011 to simulate possible attacks on the 2012 London Olympics, but was a much smaller exercise.  In July this year the US held its own ‘Quantum Dawn 2’ exercise, prompting the Securities Industry and Financial Markets Association (SIFMA) to call on politicians to bring in legislation to improve communication between the government and private firms.

Earlier this year UK financial institutions (FIs) were told by the Bank of England (BoE) that they must put concrete plans in place over the next few months to deal with the growing threat of cyber-attacks.

The ZDNet website quoted a spokesperson from security firm Malwarebytes who commented: “The UK banking industry can learn a lot from US banks as they’ve been hit hard in terms of volume and intensity of attacks. The damage caused cannot be ignored as a few hours of outage can cost millions of dollars.

“To put it simply, the UK finance industry needs to pull together and take a joined-up approach. Trying to tackle such a large issue in isolation is never going to be as effective as a collaboration. US banks and other FIs have realised this and are working together effectively. It is good to see the UK following suit for the greater good.”

Andrew Miller, chief operating officer (COO) for Corero Network Security, said: “I think one of the biggest benefits we will see from Operation Waking Shark is not necessarily about banks learning to defend against cyber-attacks, but learning to cooperate. I personally believe that there needs to be more information sharing within financial organisations on the latest threats and attacks they are facing so they can develop a knowledge pool on how to protect against them.”










Related reading