Simulation Designed to Help Test Defenses
ICS8 – “More than 1,000 banks will test their incident response strategies by participating in a simulated cyber-attack exercise. SWACHA’s Dennis Simmons says the drill, which is open to more participants, will help bolster defenses.
Banks are interested in testing their defenses in the wake of recent cyber-attacks, says Simmons, president and CEO of SWACHA, a regional payments association. Those attacks include account-takeover attempts linked to phishing and ACH and wire fraud, as well as distributed-denial-of-service attacks that are sometimes waged as modes of distraction to veil fraud.
“[The simulation] helps an institution understand its own internal communication and internal response to these types of incidents,” Simmons says in an interview with Information Security Media Group. And the drill can help banks and credit unions update their cyber-attack response plans.
Educating banking institutions about the possible risks they face during a cyber-attack is a goal of the simulated attacks, he says. For example, he points out: “The bad guys may launch a DDoS attack to divert attention [so they can] hijack an account or initiate fraudulent wire transfers.”
Open to More Participants
Banks can still sign up at the FS-ISAC website to participate in the two-day drill in October, which is sponsored by SWACHA, along with NACHA-The Electronic Payments Association; the Financial Services Information Sharing and Analysis Center; and numerous state banking associations.
Banking institution employees participating in the simulated attacks will be e-mailed attack scenarios and then asked to develop response strategies, he explains. “It’s a tabletop exercise. All you need to participate is an e-mail address and telephone.” Full Story