Following the news that the Bank of England’s Financial Policy Committee warned Britain’s lenders that they need to do more to protect themselves against cyber attacks, UK banks will next month launch an extensive cyber threat exercise.
The most extensive exercise in two years, it will test the preparedness of the financial system to survive a sustained online attack.
Operation Waking Shark 2 has been scheduled for mid-November with every high street bank expected to take part in a one-day "war game" simulating the impact of a major cyber attack on the payments and markets systems on which the UK’s financial system depends.
An outside consultant has designed the test, which to assess the ability of Britain’s core financial services providers to withstand attacks by cyber criminals as well as state-sponsored terrorist attacks on the UK.
The exercise comes two years after the now defunct Financial Services Authority launched the Original Operation Waking Shark to test the strength of the online defences.
One source on the inside of the latest test said it would simulate a "very severe" attack on British banks, the stock market and payment providers. Several thousand people across the financial services industry and at the regulators will take part in the exercise.
"This is absolutely vital work and will enable us to see how are defences work in the event of a real attack and what areas need to be improved," said the source.
The results of the operation will be used to benchmark banks’ cyber security with those failing to meet the standard having to invest more in online controls.
The cyber stress test comes amid increased concerns over the potential vulnerability of key parts of the financial system to attacks ranging from lone ‘hacktivists’ right up to coordinated assaults financed by hostile countries.
Last month, a group of men were arrested after a suspected attempt to plant a remote device in a branch of Santander UK that it is alleged could have allowed criminals to steal money from customer accounts.
