US Regulator to Bolster Support for Small Banks Against Cyber Attacks

US regulator Office of the Comptroller of the Currency revealed that it will help smaller banks safeguard themselves against cyber attacks in a bid to protect the wider financial system.

In a statement, the US Comptroller of the Currency Thomas Curry said his office will help smaller banks, which do not have sufficient resources or expertise to block cyber attacks, as many larger banks have suffered from service disruption and destruction of information due to hacking.

Smaller financial institutions will need this support as they often do not operate their own networks, and rely on third party services for providing online banking tools. By outsourcing certain services to third parties, this can introduce new weaknesses to the system. For a hacker, each new connection provides access points to all of the connected networks, adding to their vulnerability.

The OCC also announced that it has installed a Senior Critical Infrastructure Officer to work with officials across the government and the private sector in order to address systemic concerns posed by cyber threats.

Curry noted that his office and his counterparts at the other regulatory agencies "are taking cyber threats in all of their forms very seriously".

"The growing sophistication and frequency of cyber attacks is a cause for concern, not only because of the potential for disruption, but also because of the potential for destruction of the systems and information that support our banks," Curry said in prepared remarks for a speech in Washington.

"These risks, if unchecked, could threaten the reputation of our financial institutions as well as public confidence in the system."

While almost every business sector, from newspapers and power utilities, facing cyber attacks, the financial services sector has recently become one of the more attractive targets, says Curry.

The websites of major US banks, including JPMorgan Chase, Wells Fargo, Citigroup and Bank of America, suffered from a series of "denial of service" attacks in 2012. Banks have spent millions to rectify its online systems since then.

Preparation to Face Challenges

Given the ubiquitous nature of the internet and the varying nature and scope of cyber threats in line with the advancements in technology, "staying ahead of these threats" is key to secure the financial system, says Curry.

"Financial institutions are improving their security daily, and the OCC and the other bank regulatory agencies are working hard to support them," he said.

In order to deal with cyber security issues, the Federal Financial Institutions Examination Council (FFIEC) established the Cybersecurity and Critical Infrastructure Working Group in June. Its members are working in coordination with intelligence, law enforcement, and homeland security officials, says Curry.

"The OCC stands ready to help the institutions we supervise in any way we can. We will participate actively in our public-private partnerships, and we will work to raise awareness among the banks we supervise through teleconferences and other outreach events," he added.