As concerns grow about the industry’s vulnerability to hacking, European Union officials and sources said that the bock is considering testing banks’ defenses against cyber attacks.
With criminals finding new ways to target banks beyond trying to illicitly obtain details of their customers’ online accounts, cyber attacks against banks have increased in numbers and sophistication in recent years. When hackers broke into its system and gained access to the SWIFT international transactions network, $81 million was taken from the Bangladesh central bank last February.
Global regulators have carried out checks on lenders’ security systems in some countries and have tightened security requirements for banks after that giant cyber fraud, one of the biggest in history.
The theft of 2.5 million pounds ($3 million) from Tesco Plc’s banking arm in the first mass hacking of accounts at a Western lender and a letter by SWIFT to client banks in November revealed the fact that complex cyber attacks have kept rising.
A report of the European Banking Authority (EBA) warned in December that banks “are struggling to demonstrate their ability to cope with the rising threat of intruders gaining unauthorized access to their critical systems and data.” An EU-wide stress test could be the next step from European regulators to boost security.
A commission official was quited by the media saying that the European executive commission is assessing additional initiatives to counter cyber attacks. “These include cyber-threat information sharing or penetration and resilience testing of systems.”
In order to register incidents of cyber crime at commercial banks in the 19-country euro zone, the European Central Bank announced last year it would set up a database. But there has been little development in the exchanges of information among national authorities on cyber incidents.
A source at the EU executive said that the Commission is studying whether EU-wide tests would help step up security. This would be in addition to controls already carried out by national authorities.
The checks it intends to conduct in the next exercise planned in mid 2018 is expected to be detailed by EBA, which is in charge of stress-testing the bloc’s banks.
Checks on specific issues and tests on banks’ capital cushions are conducted by EBA. As EU lenders faced sanctions from U.S. regulators, last year it monitored risks caused by fines.
EU states have been urged to stress-test their financial institutions for cyber risks by the chairman of EBA, Andrea Enria.
To trace who was behind a cyber attack that caused intermittent outages for customers of its personal banking websites almost two weeks ago, Lloyds Banking Group is working with law enforcement agencies.
According to EBA, regulators are considering new technologies that could boost security as European banks keep relying on digital infrastructure that is “rigid and outdated”.
“To establish the advantages and possible risks” but also to weigh possible moves to enable blockchain where it is hindered, the Commission source said that Blockchain, the technology behind the most successful virtual currency, Bitcoin, is being closely monitored in Brussels.
A World Economic Forum report said, more than 1 billion euros have been invested in blockchain startups.
(Adapted from Reuters)