Banking outage gives tiny glimpse of cybergeddon

Britons have been spitting blood this past weekend after a botched banking software upgrade at the UK government-owned Royal Bank of Scotland denied hundreds of thousands of people access to banking services. Customers of RBS and its NatWest and Ulster Bank subsidiaries have not been able to check their account balances or make major payments – such as deposits on houses – leaving some homeless.

While it is not yet clear why the software upgrade failed – or whether it was the fault of an off-shored computer facility in India – what is certain is that the episode has given us just a tiny taste of a nightmare scenario long feared by cyber security experts who advise western governments: What happens if there is an extended, simultaneous attack on all of the banks?

I was recently talked through this scenario by a source familiar with international deliberations on cyber defense. Imagine, the source said, that an attacker manages to disable the communications lines, or routers, linking a nation’s banks, ATMs and the point-of-sale debit/credit card terminals in supermarkets and garages. Suddenly, as few of us carry much cash these days, people cannot buy day-to-day essentials like food and fuel. “The big concern is that Hurricane Katrina style riots could break out on a mass scale as people take to looting,” the source said.

Particularly susceptible communications networks have already been identified by some governments and fixes put in place, the source said, patching, for example, vulnerabilities that came to light in the UK national telecommunications network during Tony Blair’s time in office.

However, the arrival of the reprogrammable computer worms Stuxnet, Duqu and Flame now pose a fresh cyber risk. These can attack industrial or financial infrastructure in a step-by-step fashion, overcoming multiple layers of security as they go by wielding different software “payloads” at the right time. Devised initially by US and Israeli intelligence to slow Iran’s nuclear program, these threats got into the wild and now provide attackers with handy cyber attack “construction kits”.

Continued forensic examination of these worms by antivirus firms should find ways to disable attacks based on them. But for how long can an American firm like Symantec, say, continue to reveal threat confounding measures when it is clear that a US intelligence organization is partly behind the threat? Last week, at the Adaptive and Resilient Complex Systems conference at the Royal Society in London, I asked Patricia Titus, Chief Information Security Officer at Symantec that very question.

“It’s our job – and we will continue to do it until we are told to cease and desist,”  she said.

Blowfish12@2012 Author: Sudharsun. P. R.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s