Banking Security

British bank has a third of its customers’ accounts hacked

British bank has a third of its customers' accounts hacked. Main image: Vector Tradition,
Written by Chris Skinner

If you think the big banks can’t possibly suffer the same fate as Tesco Bank, think again. Story by Chris Skinner.

We’ve seen some pretty strong attacks on banks’ cyber-defences in the past year. Three major incidents in the Swift network, 50 at the Federal Reserve, problems at the Bank of England and many other central banks, a major incident at the Danish payment processor Nets, and big banks such as HSBC and JPMorgan have all been affected.

Admittedly, most of these are DDoS – Distributed Denial of Service – attacks, which bring down websites but not banks, yet that’s just the tip of the iceberg. After all, it used to be that thieves would rob bank branches because that’s where the money was. Now they rob bank servers because that’s where the money is.

These incidents of cybercrime are often unnoticed, however, as banks are loathe to publish and say they were hacked … but one did just that this week: Tesco Bank. A hacker got into the bank and compromised 40,000 of its 136,000 accounts. That’s a third. Of those compromised, the bank originally thought that 20,000 had been hacked with money taken, but it turns out it’s 9,000 who lost £2.5m ($3.2m). Even so, the bank had to shut down its internet banking service to all customers for several days while it sorted out the mess, and suspended all online debit card and contactless card transactions.

This is seriously worrying for a bank’s reputation. It has promised to reimburse all customers who were impacted, but to openly say it was hacked isn’t good for the image.

Dark Net and chatrooms

But hey, Tesco is a small bank. It couldn’t happen to a big boy, could it? Erm, read the opening paragraph.

So what’s the solution? Well, cyberthieves are really good at sharing what works and what doesn’t work. Using the Dark Net and chatrooms, they share huge amounts of information, from credit card details to usernames and passwords, to offering any delicacy you might dream of. Why don’t banks do the same?

Now they do. From Bloomberg, there’s a really interesting discussion with Troels Oerting, group chief security officer (CSO) and group chief information security officer (CISO) at Barclays:

“The organised crime groups in cyber are sharing much better than we are at the moment,” says Oerting, a Dane with a square jaw and the watchful eyes of a cop who’s investigated the underworld for 35 years. “They’re sharing methodologies, knowledge, tools, practices – what works and what doesn’t.”

Now he and his counterparts at other big banks are doing some networking of their own. Oerting, who led the European Cybercrime Centre in The Hague before joining Barclays in 2015, has assigned some of his people to join allies from four other big U.K. banks at an operations centre in London’s Canary Wharf complex. They sit side by side with police officers from the U.K. National Cyber Crime Unit.

The idea is that this industry-government “fusion cell,” the Cyber Defense Alliance, will let the sleuths swap tips, techniques, and hunches the same way the bad guys do. “To do this right, you need to have trust,” Oerting says. “If I give information to another bank about my breaches, I don’t want to see this on the front page of the newspaper the next day.”

The effort, the first of its kind in the U.K., mirrors a similar initiative in the US called the National Cyber-Forensics and Training Alliance, a nonprofit in Pittsburgh that brings together academics, corporate security executives, intelligence operatives, and law enforcement officials. Barclays has also installed an analyst at Interpol’s cyber investigations unit in Singapore.

Joining forces marks a big change for institutions long reluctant to share information about their IT systems, let alone how they’re compromised. They’ve decided they better reboot that mindset fast if they want to counter the online onslaught assailing their walls. In the second quarter of this year, cybercriminals tried to inject more than 1 million malware programs into financial companies worldwide, a 50 percent jump from the same period in 2015, according to Kaspersky Lab, a global cybersecurity company …

Banks under fire. Figures based on attacks blocked by Kaspersky Lab software.

Maybe Tesco needs to join the Cyber Defense Alliance … oh no, too late.

READ NEXT: How do I know it’s the digital you?

– This article is reproduced with kind permission. Some minor changes have been made to reflect BankNXT style considerations. Read more here. Main image: Vector Tradition,

About the author

Chris Skinner

Chris Skinner is an independent commentator on the financial markets through the Finanser, and chair of the European networking forum the Financial Services Club, which he founded in 2004. He is an author of numerous books covering everything from European regulations in banking through to the credit crisis, to the future of banking.

Leave a Comment