Article Lead Image

U.S. and U.K. testing response scenarios for financial-sector cyberattacks

This is how serious the countries are about a potentially devastating hack.


Eric Geller


The United States and United Kingdom are coming together to test how their financial sectors respond to cyberattacks.

The test, scheduled for later this month, is the latest joint operation by the two countries to mitigate the economic consequences of a large-scale cyber attack.

Specifically, authorities in both countries want to see how their respective treasury departments communicate during a cyberattack. Their aim is to identify shortcomings in the process that could hobble a real-world incident response.

“It is testing how we would react to ‘x’ scenario, how would our colleagues in the U.S. react to the same, [and] how would we then coordinate communications with each other, to the sector and within the sector,” a spokesman for the United Kingdom’s computer emergency readiness team (CERT) told Reuters.

The test, called Operation Resilient Shield, is the product of a January agreement between the two countries to determine principles for cybersecurity cooperation.

“Both governments have agreed to bolster our efforts to increase threat information sharing and conduct joint cybersecurity and network defense exercises to enhance our combined ability to respond to malicious cyber activity,” the White House said in a fact sheet released at the time.

Much of that cooperation will occur through the two countries’ CERTs, which are special cybersecurity response units akin to cyber hazmat teams. But the Federal Bureau of Investigation and the National Security Agency will also collaborate with their British counterparts to share information; those four agencies established a “joint cyber cell” with offices in both countries, according to the White House.

The U.K. CERT spokesman told Reuters that bank customers would not notice the upcoming test, as it wouldn’t interrupt the normal flow of ATMs and other financial services. 

In addition to the energy and healthcare sectors, banks and other large financial firms are considered “critical infrastructure” because of the large-scale disruptions that a cyberattack on them could cause.

U.S and U.K. spy chiefs told financial executives in July that Russian cyberattacks on Western banks were a more pressing concern in light of United Nations sanctions on Russia over its actions in Ukraine.

“If, for example, sanctions were increased on Russia over Russian behavior in Crimea and Ukraine, I would expect so-called patriotic hacker groups to attack Wall Street and the City [of London] in return,” Sir David Omand, the former head of British spy agency Government Communications Headquarters, told the audience at the London Stock Exchange.

Photo via Dave Center/Flickr (CC BY 2.0)

The Daily Dot