Analyzing Bank of England's Outage
Cytelligence's Walker Blames Weak Perimeter Defenses

John Walker, director of cyber forensics for the British security firm Cytelligence, says network security is often easy for hackers to penetrate, pointing to many recent examples.
In an interview with Information Security Media Group, he singles out a suspicious "technical" issue that reportedly took down part of the Bank of England's payments network earlier this week. Walker, a featured presenter at ISMG's Global APT Defense Summit in New York, says the Bank of England, like many other organizations that suffer similar outages, was likely the victim of a cyber-attack.
"What happened at the Bank of England?" he asks. "There are a number of questionable issues. You have an enormous, massively expensive system here that went down for an entire day. ... I just have some suspicions around the whole thing."
On Oct. 20, part of the Bank of England's automated system for settling high-value payments apparently failed to function, which the nation's central bank blamed on routine maintenance, according to a news report from The Irish Times. The outage lasted about eight hours, the newspaper reported.
But Walker says the incident likely offers more evidence that most banking institutions, including the Bank of England, rely too heavily on weak defenses to secure their networks. "Perimeters are not enough to defend networks, and we are depending too much on the perimeter," he says. "That's why we are seeing the massive breaches we are today."
Too many organizations are either failing to detect intrusions or are failing to adequately investigate intrusions once they occur, Walker says. "Identifying when there's been an attack is one of the issues," he says. "Another issue is identifying the behavior patterns once the attack has been detected."
A Neglected Step
Walker contends that most businesses are mainly concerned with getting their networks and systems back online after a breach and neglect to preserve the forensic evidence that could be used to determine how the network was penetrated.
During this interview, which was conducted during the summit, Walker also discusses:
- Why most organizations lack the resources to adequately deal with breaches;
- Why incident response is often the biggest failure; and
- Why most network attacks are often swept under the rug rather than reported.
Walker has more than 30 years of operational security experience, including experience with nuclear security within the Royal Air Force. He also served in high-level information security roles with BEA Systems, supporting the Eurofighter program; General Motors, working with EDS; and Experian. Walker has been a visiting professor at Nottingham Trent University and has been chairman of the U.K. government's ISO/IEC 27001 steering committee.