UK banks 'hide hacks to avoid bad PR'

Report - British banks are drastically under-reporting cyber attacks

Bank cards

UK banks are withholding information on cyber attacks to avoid bad publicity, it is reported.

Leading figures within the industry believe recorded figures are far lower than the real number of hacks occurring, and that banks are hiding the fact they are under constant attack from hacker groups, according to Reuters.

Chief executive of Israeli cybersecurity firm Illusive Networks, Shlomo Touboul, told the publication that one client, a large financial institute, is targeted with more than two billion potential hacks every month.

These attacks, including malicious emails or hacks on a system, are filtered down by security defences to just 200 'events'. A team of employees will then sift through the reports and cut the number down to 200 "real events" each month, according to Touboul.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Britain's financial institutions have reported 75 hacking attacks this year so far, rising from five in 2014/15, according to Financial Conduit Authority (FCA) data .

FCA provisions only require UK banks to disclose attacks that could have had a material impact, and essentially disregard the rest.

Excluded reports are not always just email scams, as security firms have reported first hand evidence of banks choosing to hide serious breaches for fear of public backlash.

"Banks are dramatically under-reporting attacks, they do what's legally required but out of embarrassment or fear of punishment they aren't giving the whole picture," said one anonymous Reuters source.

A Bangladesh central bank heist in February saw hackers steal $81 million.

Of five million instances of fraud and 2.5 million cyber-related crimes in 2015, only 250,000 were ever reported according to ONS figures.

Advertisement - Article continues below

A report by Marsh and lobby group TheCityUK, published in May, argues that greater information sharing is needed between industries and law enforcement, and encourages the creation of an "industry-wide cyber forum" to support existing bodies.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Most Popular

Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/hardware/laptops/354533/dell-xps-13-new-9300-hands-on-review-chasing-perfection
Laptops

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020