UK pledges to beef up cyber defences after banks' 'war game'

By Steve Slater

LONDON (Reuters) - Britain's financial, transport and energy industries said they will strengthen their defences against cyber attacks, building on a war-game simulation where banks came under assault from "a hostile nation state".

Cyber attacks are increasing in regularity and severity as "hacktivists" and criminals become more sophisticated. Banks are frequently targeted by co-ordinated online assaults or hacks on specific lenders.

London's financial community tested its resilience in a war-game simulation in November, when investment banks and exchanges were tested against a concerted cyber attack "by a hostile nation state with the aim of causing significant disruption/dislocation", the Bank of England (BoE) said on Wednesday in a report on findings from the event.

About 220 bankers, regulators, government officials and market infrastructure providers took part in the exercise, dubbed "Waking Shark II". A similar exercise was held in 2011, and New York also held one last year, called "Quantum Dawn 2".

The simulated attacks disrupted services, wiped data and caused liquidity and funding issues for investment banks, the Bank said. There were also problems with payments, calculating overnight risk and margins, and clearing trades.

The Bank said the one-day exercise was a successful test of systems and any future test may include retail banking operations.

The report coincided with a meeting on Wednesday of UK lawmakers and regulators from Britain's financial, transport and energy sectors, as well as from its telecoms and water industries. They pledged to lay out a common set of objectives to protect essential services in the event of attack.

British Business Secretary Vince Cable said cyber security was "a top tier national security priority".

RBS ATTACKED

In December state-backed Royal Bank of Scotland said its platform was briefly attacked by hackers, causing problems for customers accessing accounts.

One unidentified London-listed company incurred losses of 800 million pounds ($1.3 billion) in a cyber attack several years ago, according to British security services.

Cyber criminals, extortionists and hacktivists - politically motivated hackers - may also be trying to influence share prices and interfere with commodity exchanges with the use of their distributed denial of service (DDoS) attacks.

"Since 2011, and growing in 2012 and 2013, DDoS attack campaigns have become a significant threat to financial firms," security firm Prolexic Technologies said in a recent report.

DDoS attacks bombard websites with huge volumes of traffic from multiple systems so they overload a server.

It can be hard to track the root of the attacks and it is often not clear why they take place - they may have no motive or could be a show of dissent by disgruntled customers or anti-capitalist protesters.

Prolexic said attacks on multiple U.S. securities and commodity exchanges ran for three months in 2012, co-ordinated by a group that claimed to support the Occupy Wall Street movement and was critical of international banks.

(Editing by Pravin Char)