Lloyds joined bank cyber crime alliance weeks before hacking

Listen to this article

00:00
00:00

Lloyds Banking Group joined an alliance of large banks and law enforcement agencies to share information on cyber crime only weeks before hackers crippled its digital services for more than two days.

The Cyber Defence Alliance was created in 2015 by a handful of banks including Barclays, Santander and Deutsche Bank to share information about cyber threats with each other and with law enforcement agencies.

The venture operates out of an office in the City of London manned by cyber security staff assigned from each of the banks and police officers from the UK National Cyber Crime Unit. Other members include Standard Chartered.

However, despite joining forces with rival banks and law enforcement agencies, Lloyds was unable to fend off a denial of service attack that an international criminal gang unleashed on UK high street lenders last month.

The attack, which involved swamping a website with traffic in an attempt to disable it, affected Lloyds and its Halifax and Bank of Scotland brands, leaving many customers temporarily unable to use services such as checking their balance or sending payments.

No customers suffered a financial loss. TSB, which was carved out of Lloyds in 2013 but still uses its technology platform, was also hit.

The Cyber Defence Alliance describes itself as “a co-located federation of banks and law enforcement agencies working together to advance sector security”. It adds that “an attack against one bank is an attack against them all”.

“The ultimate goal is to support the sector to proactively detect and stop emerging threats, to share resources/expertise and knowledge to grow stronger together as a team, and to support law enforcement action against criminal networks threatening the industry and its customers,” it says.

Copyright The Financial Times Limited 2017. All rights reserved. You may share using our article tools. Please don't copy articles from FT.com and redistribute by email or post to the web.