BreachExchange mailing list archives
Cyber Threats Pose Potential Systemic Risk
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 20 Sep 2013 00:41:24 -0600
http://www.nasdaq.com/article/occs-curry-cyber-threats-pose-potential-systemic-risk-20130918-00810 WASHINGTON--Hackers and other cybercriminals pose as grave a threat to the financial system as the recent financial crisis if banks and government officials don't mount an effective response, a top U.S. official warned Wednesday. The growing sophistication of cyberattacks spawned by criminal organizations, hackers and other foreign governments could pose a systemic risk to the financial system, Comptroller of the Currency Thomas Curry said in prepared remarks for a speech in Washington. While such threats are manageable the risks should not be downplayed, Mr. Curry said. "The financial services industry is one of the more attractive targets for cyberattacks, and, unfortunately, the threat is growing," Mr. Curry said. Regulators and financial industry executives have increasingly raised alarms about the ability of cybercrimes to disrupt the financial system. Banks have spent millions trying to stave off and respond to such strikes, including " denial-of-service" attacks against banks such as Bank of America Corp. ( BAC ) and Capital One Financial Corp. (COF ) that take down bank websites. One growing area of concern is the potential for criminal elements to target smaller banks, which frequently have less sophisticated protections than their Wall Street brethren. Regulators have warned that cybercriminals could exploit a weakness at a smaller firm as a way to access payment systems and the financial system more broadly, taking advantage of the increasing interconnectedness of banks. "Each new product can introduce a new set of weaknesses into the system, and our early adoption of new applications and technology can outpace our ability to identify and mitigate the vulnerabilities," Mr. Curry said. Regulators and the financial services industry need to better share information, as do the host of federal agencies that track and respond to potential cyberattacks, Mr. Curry said. He noted that government officials have held a regular series of classified briefings for banks on potential threats, and stressed that bank executives need to take responsibility for combating potential risks. "It's vital that senior management appropriately evaluate risks and develop prudent implementation and contingency plans," Mr. Curry said.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Cyber Threats Pose Potential Systemic Risk Audrey McNeil (Sep 24)