Banks large and small are girding for an elaborate drill this week that will test how they would fare if hackers unleashed a powerful and coordinated attack against them. Cyberattacks on the banking industry are growing more frequent and sophisticated and the list of assailants is ever-changing: crime bosses who want money, “hacktivists” who want to make political statements, foreign governments that want to spy on U.S. companies. Jamie Dimon, CEO of the country’s biggest bank, JPMorgan Chase, acknowledged that attacks are becoming more complex and dangerous, no longer carried out by “fairly simplistic” hackers commandeering people’s personal computers.<\/p>\n","protected":false},"excerpt":{"rendered":"
<\/p>\n
JPMorgan and its peers like Bank of America, Citigroup and Wells Fargo have signed up for Thursday’s drill, which is being organized by Wall Street’s biggest trade group, the Securities Industry and Financial Markets Association, or SIFMA.<\/p>\n
<\/p>\n
They’ll monitor a simulated stock exchange for irregular trading and will be pressed to figure out what’s going on and how to react while sharing information with regulators and each other.<\/p>\n
<\/p>\n
But that was before a wave of cyberattacks last fall, when big banks were forced to temporarily shut down their websites after attackers bombarded them with traffic \u2014 akin to overwhelming a phone line with too many calls.<\/p>\n
<\/p>\n
“If you went to banks three years ago, and said, ‘What are your top five risks?’, probably none of them would put cyber on there,” said Karl Schimmeck, SIFMA’s vice president for financial services operations.<\/p>\n
<\/p>\n
The Office of the Comptroller of the Currency, which regulates national banks, recently held a call with community bankers to warn them that they’re not free from danger either: Since September, attacks have been increasingly aimed at businesses with fewer than 250 employees, the OCC says. Customers would have to go through certain steps to get their money back, like filing a claim, showing that they weren’t negligently tossing their account information around and giving the bank time to investigate.<\/p>\n
<\/p>\n
A DRILL BY ANY OTHER NAME: As for the title of Thursday’s drill, the one that sounds more appropriate for an action movie than a bank security exercise, it came about during the creation of the original drill in 2011, which was organized by the Financial Services Sector Coordinating Council.<\/p>\n