US Treasury tells banks to provide more cyber attack information
The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has issued an advisory to financial institutions on cyber events and cyber-enabled crime.
FinCEN said cyber criminals target the financial system to defraud financial institutions and their customers and to further other illegal activities.
Financial institutions can play an important role in protecting the financial system from these threats through thorough and timely reporting of cyber attacks, the advisory said.
FinCEN said the advisory was aimed at the financial sector’s cyber security units, network administrators, risk departments, fraud prevention units and all those involved in anti-money-laundering activities.
In addition to the advisory, FinCEN has issued guidelines on the reporting of cyber events, cyber-enabled crime and cyber-related information through suspicious activity reports (SARs).
The guidelines call for SARs to include all relevant and available cyber-related information, such as the magnitude and characteristics of the event, indicators of compromise (IoCs), methods used, relevant internet protocol (IP) addresses with timestamps, virtual-wallet information and device identifiers.
FinCEN is also calling for greater collaboration between anti-money-laundering units and in-house cyber security units to identify suspicious activity, and the sharing of information, including cyber-related information, among financial institutions to guard against and report money laundering, terrorism financing and cyber-enabled crime.
The move by FinCEN comes just a week after US bank regulators outlined cyber security standards to protect financial markets and consumers from online attacks.
Cyber security issues have become a priority for regulators as the likes of the New York Federal Reserve have been caught in high-profile cyber attacks.
The new standards will require banks with assets of $50bn or more to use the most sophisticated anti-hacking tools on the market and to be able to recover from any attack within two hours, reports Reuters.
Qualifying financial institutions will also be expected to be capable of operating critical business functions in the face of cyber attacks.
The financial industry has been invited to comment and provide feedback in the next three months before authorities finalise the rules aimed at raising cyber security to a top priority for executives and directors.
“While banks arguably allocate the most resources towards addressing cyber security of any industry, they still lose billions every year due to hacking,” said Mike Ahmadi, global director of critical systems security at Synopsys.
“While they have remained profitable despite such losses, one of the major concerns is a loss in consumer confidence, which is something they cannot easily rectify.”