InfoSecBulletin Cybersecurity for mankind
The European Union’s central bank will perform its first cyber resilience stress test on 109 banks under its supervision in 2024. The test will evaluate the banks’ capacity to handle a cyber-attack successfully, rather than just preventing it.
Bangladesh bank published CBS guideline Version 2.0
Fortinet report
Attackers exploiting vulnerabilities 50% faster, just 4.76 days
TechCrunch report
Indian gov.t sites compromised to plant online betting ads
Damage Costs Predicted To Exceed $265 Billion By 2031
Ransomware expected to attack every 2 seconds by 2031
ALERT CISA WARNS
Black Basta ransomware breached over 500 orgs worldwide
Cyber Attack On Data Center Cooling Systems results disruption
Chrome Zero-Day Alert — Update Your Browser to Patch
Dell Discloses Data Breach: 49 million customers allegedly affected
BIG VULNERABILITIES IN NEXT-GEN BIG-IP
UK confirms Ministry of Defence payroll data exposed in data breach
The ECB evaluated banks’ IT risk management in November 2023 and found little progress in the sector. This announcement follows that evaluation.
It found “serious supervisory concerns that confirm the need to continue on-site inspections in conjunction with tailored discussions between banks and supervisors.”
How Will the Cyber Resilience Stress Test Work?
In the stress test scenario, a cyber-attack will have successfully disrupted the bank’s daily business operations. Supervisors will watch the bank’s response and recovery measures, including their ability to activate emergency procedures and restore normal operations.
Additionally, 28 banks will go through a more detailed evaluation, where they will need to provide additional information about how they dealt with the cyber-attack.
This will also check if there is enough coordination with other supervisory activities. These 28 banks represent various business models and geographies to reflect the euro banking system.
Supervisors will discuss the stress test results and lessons with each bank as part of the 2024 Supervisory Review and Evaluation Process, which evaluates a bank’s risk profile. The main findings will be published in summer 2024.
In October 2023, Lloyd’s of London predicted that a cyber-attack on a major financial services payment system could cause global economic losses of $3.5 trillion.
