FinCERT to help Russian banks respond to cyber-attacks

The Russian Central Bank has established new centre for dealing with cyber-attacks in Russia's financial sector, due to be fully operational this month.

Russian Bank
Russian Bank

This month Russia's new centre for collection and sharing of cyber-attack information in the Russian banking and financial sector goes into full operation.

Established by the Russian Central Bank, the new centre is to be called FinCERT. It has been set up following aDecember 2014 order by the Russian Security Council, a consultative body of the Russian President that implements the President's decisions on national security affairs. This order called for establishment of a centre to respond to cyber-fraud and cyber-attacks on the national financial sector including facilitating notification of possible cyber-threats.

The new centre is headed by Dmitry Frolov, a former senior manager at the Central Bank, who has also previously served in the Russian Federal Security Service. Artyom Sychev, deputy head of FinCERT toldSCMagazineUK.com that FinCERT has already begun cooperation with the Russian Ministry of Internal Affairs and Federal Security Services and plans to start its full-scale operations from the middle of this month (July).

Sychev adds that establishment of the new centre is regarded as very important for the security of the entire Russian financial and banking system, taking into account  that the number of cyber-attacks on Russian banks is growing by 20 percent each year, with losses put at more than £45 million last year.

Sychev said that cooperation between Russian banks and the new centre will be on a voluntary basis, however in some cases the banks will be obliged to provide certain essential information to FinCERT.

It is planned that the centre will provide recommendations for banks when to suspend payments which have indicators of fraud, and will ask them for information about specific clients suspected of stealing. In addition, FinCERT will focus on analytical work, as well as the prevention of DDoS-attacks on the websites of banks.

Russian analysts believe that the success of FinCERT will mostly depend on demonstrating its ability to respond effectively to cyber-attacks, as well as the number of banks that choose cooperate with it.

Vilen Timiryazev, vice-president of Alfa Bank, one of Russia's largest banks, told SCMagazineUK.com that Alfa Bank is ready to cooperate with the new centre, however much of its usefulness to the sector will depend how quickly it can inform banks about incidents and possible cyber-threats.

Vasily Okulessky, head of IT security at the Bank of Moscow, another leading Russian bank, says that regardless of the initial performance of FinCERT, its establishment is very important for IT security in the domestic Russian financial and banking systems, as it will facilitate interaction with both law enforcement agencies and other banks. To date, it is reported that 500 Russian banks have expressed their interest in cooperating with FinCERT.