In the Bank of England’s 2013 H2 Systemic Risk Survey Banks and Financial organisation highlighted operational risk as one of the main risks to UK financial stability.
The majority of the respondents cited cyber-attacks from individuals or groups seeking to exploit vulnerabilities in IT systems for financial gain or to disrupt services as a significant threat.
The report states In the past six months, several UK banks and financial market infrastructures have experienced cyber attacks, some of which have disrupted services. While losses have been small relative to UK banks’ operational risk capital requirements, they have revealed vulnerabilities. If these vulnerabilities were exploited to disrupt services, then the cost to the financial system could be significant and borne by a large number of institutions
In June 2013 the bank of England said:
HM Treasury, working with the relevant government agencies, the PRA, the Bank’s financial market infrastructure supervisors and the FCA should work with the core UK financial system and its infrastructure to put in place a programme of work to improve and test resilience to cyber attack
Perceived Risks from Cyber Attacks have risen strongly
HM Treasury, other government agencies and financial authorities have formed a Cross Market Operational Resilience Group who will work to assess, test and improve cyber resilience across the core parts of the UK financial sector.
On the 12 November, under the supervision of the Cross Market Operational Resilience Group, an exercise called Waking Shark II took place to test the financial sector’s response to a sustained and intensive cyber attack It was an industry led exercise; supported by HM Treasury, the Bank of England and the FCA and several other government agencies. The report on the outcomes and lessons will be issued in early 2014.