The initiative will not be a “war game” involving live testing and will instead check communication and coordination links between governments, authorities and companies, an e-mailed statement from CERT said. While it will involve financial firms, it will not test their individual responses, it said.
As online criminals grow more sophisticated the exercise is part of ongoing engagement between the UK and US after President Barack Obama and Prime Minister David Cameron said in January the two countries would deepen cyber security ties. Further details on the initiative should be released in the next couple of weeks, CERT said.
“The exercise is still in the planning stages and as such we are unable to currently confirm all the participants,” the statement said. “The event will be taking place before the end of the year.”
The London-based Sunday Times reported the initiative earlier saying the Bank of England will be involved. A spokeswoman for the BOE declined to comment when contacted by Bloomberg News.
The planned exercise follows alleged hacking attacks on UK phone carriers Vodafone Group Plc and TalkTalk Telecom Group Plc in recent days. In previous initiatives the BOE has tested lenders’ defenses against cyber attacks by mimicking hackers’ own techniques. In February 2014 the central bank released findings from an exercise called “Waking Shark II,” which tested the resilience of 14 banks to attack from a hostile state. The test revealed “major challenges, particularly in relation to payments issues,” at some firms, the BOE said.
A separate report from consultancy firm KPMG on Sunday showed a survey of 175 UK procurement managers of large companies found that 94 percent agreed the cyber security standards of suppliers were important when awarding a contract to small- and medium-sized enterprises.
(Bloomberg) -- The US and British governments will hold a joint exercise to test cyber security and information sharing arrangements involving global financial institutions, according to the UK National Computer Emergency Response Team.