Cyber attack could be next shock to UK banks, warns KPMG

Cyber attack or disruption could cause the next systemic shock to the UK banking industry, warns KPMG

Cyber attack or disruption could cause the next systemic shock to the UK banking industry rather than a liquidity crunch, according to the latest report from business consultancy firm KPMG.

While the banking industry has addressed many of the problems that had led to the financial crisis in 2008, the report said cyber attacks or massive systems outages represented new threats.

The report noted that banks had suffered a 12% increase in online account fraud in the past year and that six major US banking institutions had suffered website outages in 2012.

The report said that the motivation for cyber attacks is shifting from financial crime to political and ideological attacks, with the number of state-sponsored hacking and hacktivist attacks increasing.

“KPMG is right to highlight the imminent cyber threat that is currently hanging over UK banks,” said Raj Samani, CTO (chief technology officer) of McAfee Europe.

“This has been building over the past year and if financial institutions haven’t already made security their top priority, they should do so immediately,” Raj Samani said.

In June 2012, McAfee and Guardian Analytics uncovered a highly sophisticated, global financial services fraud ring that hit the US banking system.

This attack delivered Zeus and SpyEye variants using automated techniques, showing that fraudsters are moving toward cloud-based servers with multifaceted automation. 

Equally malware targeting the Google mobile Android operating system (OS) is appearing, that looks to circumvent two-authentication via SMS text messages for internet banking customers, said Samani.

“Where Europe has been the primary target for financial fraud rings – such as Operation High Roller – in the past, McAfee’s research has found thefts are spreading outside Europe, including the US and South America,” he said.

Operation High Roller was made up of at least a dozen groups that used active and passive automated transfer systems to steal high-value transactions from high-balance accounts.

In July, KPMG warned that cyber leaks at FTSE 350 firms were putting the UK’s economic growth and national security at risk.

An analysis by the firm’s cyber response team reveals that companies vital to the UK’s economic growth and crucial to national security, are leaking data that can be used by cyber attackers.

According to the report, this data is readily available in the public domain and could be used to gain control of Intellectual property, perpetrate fraud and inflict reputational damage.

Read more on Hackers and cybercrime prevention