HSBC hit by denial-of-service attack
The online retail services of HSBC have been brought down in a distributed-denial-of-service attack according to the bank. Online services were inaccessible to clients, the second online service problem the bank’s customers have faced this month, following a two-day outage earlier in January that the bank reported was not caused by a cyber-attack.
Concern about the vulnerability of bank services to cyber-attacks and technology failures was highlighted earlier this week by Member of Parliament Andrew Tyrie, the chairman of the UK’s Treasury Select Committee.
Tyrie published correspondence between himself and the heads of major UK banks including Antonio Simoes, chief executive of HSBC Bank, regarding an outage of payments services on 28th August 2015.
Simoes had contacted the Committee himself when the event occurred, saying “I have personally overseen our response as I wanted to make sure we found a solution as soon as possible,” and went on to explain that a payment order that exceeded the £1 billion limit for the BACS payment system had led to the stoppage.
Tyrie wrote to the heads of the UK regulatory bodies, the Prudential Regulatory Authority and the Financial Conduct Authority, on 22 January to argue that banks need more Board-level IT expertise, more resources applied to technology and legal, regulatory, structural and cultural changes to avoid exposure of the public to “delays in paying their bills, the inability to obtain access to their own funds and unauthorised access to their accounts.”
