Central bankers lay out digital currency cyber threat
Send a link to a friend
[July 08, 2023] By
Marc Jones
LONDON (Reuters) - The central bankers' central bank, the Bank for
International Settlements (BIS), has laid out a seven-point plan
designed to help countries prevent cyber hacks on the new wave of
digital national currencies under development.
Around 130 countries are now exploring central bank digital currencies (CBDC)
to keep up with technological change, but there are worries that the
online nature of them could make them a major target for criminals and
hostile states.
The BIS acts as an umbrella body for the U.S. Federal Reserve, European
Central Bank, Bank of England and other central banks around the world
and has been co-ordinating a lot of work on CBDC development.
In two interlinked reports published on Friday it warned that CBDC
systems were, "complex, with a large attack surface and many potential
points of failure, bringing new and elevated risks".
Analysis of past cyber attacks also revealed "gaps" in the security
attack modelling systems of the more technologically-advanced CBDCs and
that the "mean time to attack" - the time it took for hackers to
successfully compromise a blockchain type set-up - was only around 10
months on average.
"This is a key point to note for central banks about to launch a CBDC,
they must be thoroughly prepared to adequately monitor and repel both
well understood and novel" cyber attacks, the BIS said.
The worry is that a successful attack on a CBDC could seriously erode
public confidence in the new currencies as well as the central banks
themselves and the wider financial system.
[to top of second column] |
The tower of the headquarters of the
Bank for International Settlements (BIS) is seen in Basel,
Switzerland March 18, 2021. REUTERS/Arnd Wiegmann/File Photo
Hackers have struck a number of central banks in recent years from
Denmark to Bangladesh. According to crypto research firm Elliptic,
users of cryptocurrency, non-fungible tokens (NFTs) and other
digital assets lost $10.5 billion due to theft in 2021.
The BIS called its seven-point plan the "Polaris security and
resilience framework".
Specifically, it calls on central banks to:
• Recognise the complexity and new threat landscape brought by CBDC
systems.
• Adopt modern enabling technologies supporting security and
resilience where appropriate.
• Take stock of existing capabilities that could be used by a CBDC
system.
• Identify areas that need to improve and new capabilities that need
to be implemented.
It also called for central banks to use the global "MITRE ATT&CK"
database of past cyber attacks, and for an "official extension" of
the MITRE ATT&CK framework to help central banks beef up their
security measures.
(Reporting by Marc Jones; Editing by Susan Fenton)
[© 2023 Thomson Reuters. All rights
reserved.]
This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |