Dutch financial institutions to be hacked in Netherlands central bank test
A team of researchers organized by the Central Bank of the Netherlands (DNB) is going to try to hack the IT infrastructure of Dutch financial institutions. Secret test attacks will target banks, stock exchange providers, and clearing houses so that the DNB and the financial sector can improve the industry's cybersecurity, according to FD.
The new cyber-initiative is called Tiber and the protocol with it's rules was published on Tuesday by DNB. The structure of Tiber reminds one of a spy thriller: a "red team" of hackers from the best cybersecurity companies attacks a financial institution. Within the institution there will be a "white team", aware of the attack but not entitled to do anything but supervise the situation, and a ''blue team" that has to track and block the attack.
Petra Hielkema, the DNB division director responsible for payment traffic and market infrastructure, says attacks on the financial sector are a daily issue. "You have to stay constantly alert, always at the top with the new advancements. Since the institutions taking part in project Tiber are going to share their results with each other, we can enhance their cyber-resilience even faster," FD quotes her as saying.
"We see that the attacks are getting more and more advanced," adds Hielkema. Complex attack methods are then made available to young hackers that engage in the practice just for fun. Sometimes these methods are shared in under six weeks, she says.
Tiber is not meant for these youngsters, but to fight organized crime. "Those who have the purpose of making money, which will be invested in new attacks. But nowadays, destabilization is also a hacker's goal."
In the interview Hielkema recalled the episode with the worldwide payment network Swift in 2016. The hackers did not attack Swift directly, instead setting their sites on the financial reserve of the Bangladesh central bank held by the Federal Reserve of New York. and find weak points. The hackers managed to steal about $101 million, though trying to obtain closer to $1 billion, before their method was blocked. Nearly 38 percent of the money was later recovered.