Protecting financial systemsSecuring financial infrastructure against cyberattacks

Published 30 September 2011

To protect the U.S. financial sector from increasingly ubiquitous and costly cyberattacks, DHS plans to work more closely with other federal agencies as well as the private sector to defend against hackers

 

To protect the U.S. financial sector from increasingly ubiquitous and costly cyberattacks, DHS plansto work more closely with other federal agencies as well as the private sector to defend against hackers.

In recent testimony before the House Financial Services Subcommittee on Financial Institutions, Greg Schaffer, DHS’ acting deputy undersecretary of the National Protection and Programs Directorate, said, “To achieve our shared goals, we need to increase the sharing of timely and relevant intelligence information concerning cybersecurity threats with financial sector stakeholders.”

Schaffer said DHS plans to work with cyber intelligence and analysis to address specific threats that face the financial industry. DHS already offers direct assistance to individual companies by assisting in analysis, improving their cyber defenses, and helping to respond to security breaches.

As an example, Schaffer pointed to an incident in June 2010, when US-CERT and the FBI successfully thwarted a cyber threat by working across the government as well as with the private sector. Federal officials had received warning that hackers had set up phony online accounts to steal sensitive data. In response, Schaffer said, government agencies helped the targeted business by analyzing the threat and developing mitigation strategies as well as plans to prevent recurrences.

In another incident in December 2010, US-CERT discovered similar attacks on other financial institutions and so DHS worked to coordinate efforts by US-CERT, the FBI, and the NSA to develop a mitigation strategy.

In the coming months, DHS will expand on a pilot program that sends qualified financial IT experts to banking and financial companies to help analyze and respond to threats. As part of the expansion of the program, it will be offered to other critical infrastructure operators and an online information sharing tool will be created for experts to discuss threats and pool expertise.

The portal will have the capability to process Protected Critical Infrastructure Information while offering timely and actionable analysis and mitigation products for critical infrastructure participants based on stakeholder contributions and unclassified government reporting,” Schaffer said.