Daily News Online
   

Tuesday, 17 May 2011

Home
 | SHARE MARKET  | EXCHANGE RATE  | TRADING  | OTHER PUBLICATIONS   | ARCHIVES | 

dailynews
 ONLINE

OTHER PUBLICATIONS

OTHER LINKS

Marriage Proposals
Classified
Government Gazette

Defensive action against internet based threats

SL banking sector completes first cyber security drill:

Information security specialists watching the Internet for latest trends report the acceleration of cyber attacks carried out through fake web sites and forged emails on the banking and financial sector, which accounts for many millions in loses to both banks and their customers.


Participants at the cyber security exercise.

The opportunity costs due to these attacks on the banking industry might be even greater as widely reported attacks and the devastations left in their aftermath leave both banks and customers fearful of integrating and embracing technology that can clearly deliver cost savings and greater customer satisfaction.

As financial and technology confidence losses mount due to various IT frauds, especially phishing attacks targeted at e-banking customers, it has become imperative for Sri Lankan banks, in the best interest of their customers to be prepared to successfully counter cyber attacks.

To meet this critical challenge, the Cyber Security Drill Team of the Department of Computer Science and Engineering of the University of Moratuwa in collaboration with the Institution of Engineers Sri Lanka and TechCERT conducted a cyber security drill exclusively for Sri Lankan banking industry.

The cyber security drill, conducted on May 12, spanned a period of two and a half hours with the participation of seven major banks in Sri Lanka. The threat scenario was based on an advanced phishing attack with the attackers using multiple hosting locations.

A team of engineers from TechCERT specializing in cyber security trained an 18-member cyber security drill team on the planning, logistics and operations of conducting cyber attacks and defences while spearheaded the Exercise Control (EXCON) operations, which provided a central point of observation and coordination for the cyber security drill.

During the exercise the IT security specialists along with the higher management of the participating banks untangled the scenario-based attacks towards a virtual bank. The cyber security drill team units, co-located with participating bank information systems staff, provided technical expertise on site to the banking staff and helped them improve their computer incident response actions.

The drill was observed at the EXCON by representatives from the Department of Computer Science and Engineering of the University of Moratuwa, Institution of Engineers Sri Lanka and a senior official from a financial sector technology provider.

The cyber security exercise was declared a success with participating banks completing the incident response and defensive action tasks prepared by drill team.

It is expected that this successful cyber security exercise would contribute to the further improvement of the overall incident handling and management processes and better prepare the Sri Lankan banking industry to face emerging Internet based threats in their drive towards deploying e-banking services.

EMAIL |   PRINTABLE VIEW | FEEDBACK

Kapruka
Telecommunications Regulatory Commission of Sri Lanka (TRCSL)
www.news.lk
www.defence.lk
Donate Now | defence.lk
www.apiwenuwenapi.co.uk
LANKAPUVATH - National News Agency of Sri Lanka
www.army.lk

| News | Editorial | Business | Features | Political | Security | Sport | World | Letters | Obituaries |

Produced by Lake House Copyright © 2011 The Associated Newspapers of Ceylon Ltd.

Comments and suggestions to : Web Editor