Australia’s banks and financial institutions are gearing up to face a wave of simulated cyberattacks. While the idea of hacking might send shivers down the spine of any financial institution, this particular series of attacks is not what it seems.
The Australian Cyber Security Centre (ACSC) has reported a nearly 13% year-on-year increase in cybercrime incidents, prompting a proactive approach to enhancing cybersecurity.
The Council of Financial Regulators (CFR) took the initiative in 2019 to bolster cybersecurity measures across the Australian financial sector. The result was the introduction of a novel framework designed to enhance cyber resilience.
Within the framework, an external cybersecurity service provider will orchestrate a series of exercises known as Cyber Operational Resilience Intelligence-led Exercises (CORIE). The exercises function as simulated cyberattacks, closely resembling real-life threats that financial institutions may face.
Objectives of the CORIE program
The primary objective of CORIE is to help financial institutions identify vulnerabilities and weaknesses in their existing security systems. It will also focus on the following objectives:
- Provide data and information to inform relevant Australian Regulators of systemic weaknesses that may present a risk to the integrity of the Australian financial markets and financial system
- Assess FI’s resilience to known adversaries targeting the FI
- Provide the relevant Regulator and FI with a plan of remediation to address any identified weaknesses
By conducting these realistic simulations, the Council of Financial Regulators aims to ensure that banks and other financial entities are well-equipped to handle potential cyber threats effectively.
The significance of these exercises can’t be overstated, especially in the context of the growing cybercrime threat in Australia.
The Australian Cyber Security Centre’s recent report highlighted the alarming increase in cybercrimes, making it clear that a robust defense strategy is needed to safeguard financial institutions and their customers.
By simulating various cyberattacks, CORIE allows banks to assess their incident response capabilities, the effectiveness of their security systems, and the proficiency of their personnel in dealing with security breaches.
The exercises will also serve as an excellent opportunity for employees to learn how to react to a real-life cyberattack, even if they believe it is a genuine threat.
While the notion of Australia’s banks being “hacked” may initially raise concerns, it is crucial to understand that these attacks are, in fact, a critical part of building a resilient cybersecurity posture.
Additionally, the financial industry’s willingness to undergo these realistic simulations demonstrates a proactive approach to addressing the escalating cybercrime challenges that Australia faces.
It’s clear that in this case, the saying “practice makes perfect” holds true, as these exercises will help Australia’s financial institutions stand strong against the ever-evolving landscape of cyber threats.
The notable rise in both the quantity and complexity of cyber threats.
In Australia, there has been a notable rise in both the quantity and complexity of cyber threats. This escalation has facilitated the proliferation of criminal activities such as extortion, espionage, and fraud on a larger scale.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) recorded a surge in cybercrime reports, with over 76,000 cases reported, marking an increase of nearly 13 percent compared to the previous financial year.
This translates to an alarming statistic of one report submitted approximately every 7 minutes, contrasting with the previous year’s frequency of one report every 8 minutes.
Since its launch, 15 financial institutions have participated in CORIE and more are about to be tapped by the CFR for the impending year’s round.
