© Reuters. The headquarters tower of the Bank for International Settlements (BIS) in Basel, Switzerland, March 18, 2021. REUTERS/Arnd Wiegmann/File Photo
Written by Mark Jones
LONDON (Reuters) – The central bankers’ central bank, the Bank for International Settlements (BIS), has laid out a seven-point plan designed to help countries prevent cyber hacks in the new wave of digital national currencies in development.
About 130 countries are now exploring central bank digital currencies (CBDCs) to keep pace with technological change, but there are concerns that the online nature of these currencies could make them a prime target for criminals and hostile states.
The Bank for International Settlements acts as the umbrella body for the US Federal Reserve, the European Central Bank, the Bank of England, and other central banks around the world, and coordinates much of the work on the development of a central bank digital currency.
In two related reports published on Friday, it warned that CBDC systems are “complex, with a large attack surface and many potential points of failure, and bring new and elevated risks.”
Analysis of previous cyberattacks also revealed that there were “holes” in the security attack modeling systems in the most technologically advanced digital trading hubs and that the “median time to attack” — the time it takes hackers to successfully hack a blockchain type setup — was only about 10 months. in the middle.
“This is a key point to note for central banks that are about to launch a central bank digital currency, they should be fully prepared to detect and fend off new and well-understood cyber-attacks,” the BIS said.
The concern is that a successful attack on a central bank digital currency could seriously undermine public confidence in the new currencies as well as central banks themselves and the broader financial system.
Hackers have hit a number of central banks in recent years from Denmark to Bangladesh. According to crypto research firm Elliptic, users of cryptocurrencies, non-fungible tokens (NFTs), and other digital assets lost $10.5 billion due to theft in 2021.
The Bank for International Settlements calls its seven-point plan the Polaris (NYSE:) Security and Resilience Framework.
Specifically, it calls on central banks to:
• Recognize the new complexity and threat landscape that CBDC systems bring.
• Adopt modern enabling technologies that support security and resilience when appropriate.
• Inventory of existing capabilities that the CBDC system could use.
• Identify areas that need improvement and new capabilities that need implementation.
He also called on central banks to use the global “MITER ATT&CK” database of past cyberattacks, and a “formal extension” of the MITER ATT&CK framework to help central banks strengthen their security measures.