Banks are hiring the services of ethical hackers from the Belgian central bank. The hackers are supposed to identify weaknesses in the system, writes De Tijd on Tuesday (5 July).
But the banks are not sure if these “friendly” cyber-attacks are legal.
The central bank calls on major banks and other financial institutions to conduct “thorough security testing, using independent experts to check the quality and efficiency of the security systems in the context of a realistic scenario of an attack that is carried out ethically, ” the bank wrote in a circular.
However, there is a legal problem. Hacking, requested or not, is prohibited by law. “Ethical hackers regularly offer their services, but they are in a gray area. These people are legally traceable,” said the Belfius bank.
The banks are discussing with their federation (Febelfin), which has not yet taken a position on the issue. “It is necessary to create more legal certainty so that ethical hackers do not fall under the law against hacking,” the bank federation states.