Barclays combating terrorism by hacking its own systems to find holes

Barclays has assembled a team to ‘attack’ its own computer systems to try and find holes before cyber criminals do.

Barclays’ red team has been assembled by Troels Oerting, a former head of Europol’s European Crime Center, who joined the bank as chief information security officer in February,Bloomberg reports. The team is charged with hacking the website to find weaknesses so they can be fixed before criminals get to them.

“We emulate how criminals will try to get into the bank. Then the red unit will do the same work, testing our ability to detect, to prevent, to resist,” Oerting told Bloomberg.

More banks are said to be building red teams of spies and police that can bring expertise in the in-house fight against cyber crime.

Anyone who has ever found themselves locked out of their account because they couldn’t remember the their online passwords will be aware that banks are stepping up their security.

But the kind of crime combated by Oerting goes much further than stealing from individuals. Hackers use illegal software to infect a bank’s computer systems and send infected emails to employees. Once the employee opens the email, the hacker can go through that account to get into the bank’s network, where they will often lay dormant until they have enough information to transfer money into dummy accounts.

James Chappell, co-founder and chief technology officer of Digital Shadows, which is working with the Bank of England, told Bloomberg: “Cyber criminals are now looking for the responsible individuals inside banks who control many millions of pounds. Then a single high-value fraud is committed.”

T Bank of England launched a similar program last year, designed to protect the 35 most critical financial firms in the UK economy. CBEST, as the program is called, monitors hackers’ tactics and uses them to mimic attacked.

Andrew Gracie, executive director of resolution at the Bank of England, said at the launch of CBEST that it was vital that banks work together to combat hacking.

“Unlike other causes of operational disruption like fires and floods, we know there are agents out there – criminals, terrorist organisations or state sponsored actors – that have the will, if not necessarily the means, to attack the system,” Gracie said.

A spokeswoman for Barclays did not respond to requests for comment by press time.


. . . . . . . .

Leave a Reply