Lack of information on Tesco Bank hack frustrates fellow lenders | Reuters

By Lawrence White and Ritvik Carvalho | LONDON LONDON British banking executives and security experts are growing frustrated at the dearth of information available more than three months after 2.5 million pounds ($3.09 million) was stolen from Tesco Bank in the UK's biggest financial cyber heist.Security officers normally share information on an informal basis immediately after a major cyber incident so that the other banks can check their systems, sources at four of Britain's biggest lenders said.In the case of Tesco Bank, a small lender with annual profits of just 162 million pounds, details about exactly how criminals stole the money and what vulnerabilities were exposed have yet to be provided, however.The case has exposed the lack of proper procedures to share information as well as confusion over which government agency has ultimate responsibility for the issue, lawmakers and executives say. 'It is very frustrating,' a senior executive at one of Britain's largest banks told Reuters

Reuters February 07, 2017 22:18:21 IST
Lack of information on Tesco Bank hack frustrates fellow lenders
| Reuters

Lack of information on Tesco Bank hack frustrates fellow lenders
 Reuters

By Lawrence White and Ritvik Carvalho
| LONDON

LONDON British banking executives and security experts are growing frustrated at the dearth of information available more than three months after 2.5 million pounds ($3.09 million) was stolen from Tesco Bank in the UK's biggest financial cyber heist.Security officers normally share information on an informal basis immediately after a major cyber incident so that the other banks can check their systems, sources at four of Britain's biggest lenders said.In the case of Tesco Bank, a small lender with annual profits of just 162 million pounds, details about exactly how criminals stole the money and what vulnerabilities were exposed have yet to be provided, however.The case has exposed the lack of proper procedures to share information as well as confusion over which government agency has ultimate responsibility for the issue, lawmakers and executives say. "It is very frustrating," a senior executive at one of Britain's largest banks told Reuters. "The gentlemen's code has been broken."A risk officer at another of Britain's biggest lenders said a formal regulatory system was essential in a financial center like London where hundreds of banks of all sizes operate. "I am not going to criticize them [Tesco], the problem is the structure," he said.

The Nov. 5-6 attack, which affected 9,000 Tesco Bank customers, is the first major case to be investigated by Britain's new National Cyber Security Centre (NCSC), working with the National Crime Agency (NCA).The NCSC brings together and replaces a host of bodies including CESG (the information security arm of GCHQ), the Centre for Cyber Assessment, Computer Emergency Response Team UK and the cyber-related responsibilities of the Centre for the Protection of National Infrastructure.As regulatory authorities for the banking system, the Bank of England's Prudential Regulation Authority and the Financial Conduct Authority would also be involved in any regulations governing financial cyber crime.The NCSC did not respond to requests for comment on the Tesco case. An NCA spokesman said: "The investigation is ongoing therefore it would be inappropriate to comment further."

The new body is coming under pressure from the financial industry and lawmakers to act quickly. "It is up to the NCSC to institutionalize the sharing of information and give some kind of obligation or requirement for feedback after an attack like Tesco Bank," Troels Oerting, Group Chief Information Security Officer at Barclays, told Reuters. A team of academics from the University of Newcastle said in December that a relatively unsophisticated method known as 'distributed guessing' could have been used to generate usable card payment details in the November attack.

A spokesman for the bank, which is owned by leading supermarket chain Tesco Plc (TSCO.L), declined to discuss the specifics of the case."We continue to work closely with the authorities and regulators in their investigation of the criminal incident that took place last year. Our priority throughout has been to look after our customers," the spokesman said on Monday.Bank executives and cyber security experts told Reuters in October they feared Britain's banks are not reporting the full extent of cyber attacks to regulators for fear of punishment or bad publicity. ($1 = 0.8097 pounds) (Additional reporting by Andrew MacAskill; Editing by Sonya Hepinstall)

This story has not been edited by Firstpost staff and is generated by auto-feed.

Updated Date:

TAGS:

also read

France, Germany to agree to NATO role against Islamic State - sources
| Reuters
World

France, Germany to agree to NATO role against Islamic State - sources | Reuters

By Robin Emmott and John Irish | BRUSSELS/PARIS BRUSSELS/PARIS France and Germany will agree to a U.S. plan for NATO to take a bigger role in the fight against Islamic militants at a meeting with President Donald Trump on Thursday, but insist the move is purely symbolic, four senior European diplomats said.The decision to allow the North Atlantic Treaty Organization to join the coalition against Islamic State in Syria and Iraq follows weeks of pressure on the two allies, who are wary of NATO confronting Russia in Syria and of alienating Arab countries who see NATO as pushing a pro-Western agenda."NATO as an institution will join the coalition," said one senior diplomat involved in the discussions. "The question is whether this just a symbolic gesture to the United States

China's Xi says navy should become world class
| Reuters
World

China's Xi says navy should become world class | Reuters

BEIJING Chinese President Xi Jinping on Wednesday called for greater efforts to make the country's navy a world class one, strong in operations on, below and above the surface, as it steps up its ability to project power far from its shores.China's navy has taken an increasingly prominent role in recent months, with a rising star admiral taking command, its first aircraft carrier sailing around self-ruled Taiwan and a new aircraft carrier launched last month.With President Donald Trump promising a US shipbuilding spree and unnerving Beijing with his unpredictable approach on hot button issues including Taiwan and the South and East China Seas, China is pushing to narrow the gap with the U.S. Navy.Inspecting navy headquarters, Xi said the navy should "aim for the top ranks in the world", the Defence Ministry said in a statement about his visit."Building a strong and modern navy is an important mark of a top ranking global military," the ministry paraphrased Xi as saying.