Because of fears that Russian-linked hackers could attempt to cause financial crisis, the Bank of England ordered lenders to strengthen their cyber defenses.
Threadneedle Street officials instructed last week banks, insurers, and market infrastructure companies that they should wargame their response in the event of a severe attack
Sarah Breeden, Head of Financial Stability at the Bank, sent a letter to executives stating that companies had until March 2025 to put their emergency response plans and systems in order.
She stated that “Firms will have to demonstrate that they are testing against severe, but plausible scenarios… and that this testing should become more sophisticated in the future.”
“Firms should demonstrate, through testing, that they can remain within the tolerance for impact or, if they are unable, to invest in and take action to increase their operational resilience.”
Ransomware gangs are targeting companies critical to Britain’s financial system and there are concerns that the City might be especially vulnerable to cyber attacks.
A survey of 130 financial institutions worldwide in 2022 found that almost three quarters had experienced at least one ransomware attack within the last year.
ION Group, a company which plays an integral part in City trading’s plumbing, was attacked by the same Russian-linked ransomware gang. This caused chaos at City trading desks.
This attack had a knock-on impact on other trade processing systems, and some companies have been forced to manually process trades.
Ms Breeden stated that Square Mile companies must improve their operational resilience. She added: “This means firms should have assessed their vulnerabilities and risks and, where they may be threatening their ability to maintain impact tolerances through severe but plausible scenarios, the firm should have an action plan to address them.”
She stated that it was important for firms to invest in areas that would improve their ability to respond to and recover after incidents. To better manage financial stability and reduce the risk of an incident, it may be worth investing in appropriate mitigants.
Although Ms Breeden didn’t specifically mention Russia-linked groups, researchers warned that the risk of a Russian-linked group being identified as a threat has been significantly raised by worsening relations with Moscow.
The US-based Financial Services Information Sharing and Analysis Center published a report last month that found that Russia’s invasion of Ukraine has triggered a surge in cyberattacks.
It stated that “Financial companies in countries Russia considers hostile were targeted for attacks and named as targets on Telegram, and other hacktivist forums.”
“While these attacks have not had a significant impact on the economy, they have been notable for their ability to disrupt major companies and governments temporarily while also generating media attention.”
After its first cyber stress test, which was conducted last year for market infrastructure and lenders, the Bank issued a warning. This test was not a formal pass/fail assessment but an exploratory exercise.
The Bank’s Financial Policy Committee stated last week that they recommend that businesses plan, prepare, test, and invest in such situations to minimize any adverse impact on financial stability and ensure service delivery.
Lockbit ransomware hacked into Royal Mail and ION Group, causing them to be both targeted. The ransomware flashes up a message demanding that they pay in hard-to-trace cryptocurrencies for the privilege of unlocking their files again.
This cyber gang is known to have demanded ransoms in excess of 100 million pounds from victims and extorted approximately $100m (PS82m) over the years.