Vince Cable Warns Of Digital Threats To Critical Infrastructure

Business secretary Vince Cable met with members of the critical infrastructure community yesterday, highlighting the need to protect against Internet-based attacks, as the Bank of England announced the results of Waking Shark II, a cyber resiliency test.

Companies from the financial, water, energy, communications and transport sectors met with ministers and senior officials from the security and intelligence agencies, talking about how to work together more efficiently.

Critical infrastructure threat

“Cyber attacks are a serious and growing threat to British businesses, but it is particularly important that those industries providing essential services such as power, telecommunications and banking are adequately protected to avoid disruption to our everyday lives,” Cable said.

“We can only achieve this objective through a partnership between government, the regulators and industry.”

Meanwhile, the Bank of England released the results of Waking Shark II, an exercise which tested the response of the wholesale banking sector to a simulated attack in November 2013.

The financial institutions involved were tested for their resiliency to attacks such as a distributed denial of service (DDoS) and highly-sophisticated malware hits. Rather than their defences being put under strain, Waking Shark II was designed to review the communication and response capabilities of participants.

In particular, it looked at the use of the Cyber Information Sharing Partnership (CISP), which was set up by the government last year to facilitate threat data sharing between organisations.

One finding was that there remains no cross-industry communication mechanism that would allow for information sharing to those outside the core wholesale and retail banks.

Whilst the overall response from participants was positive, according to the Bank of England, some said they would like to be tested more thoroughly. “A number of the participants suggested that the scenario could have been more technically challenging with greater market stress over  a longer period,” read the report. “The impact of the cyber attack was primarily focused on the participating firms and further stress could have been applied.”

Some suggested inviting more international firms and service providers like BT.

Think you know security? Test yourself with our quiz!