By Sinead Cruise
LONDON (Reuters) - HSBC is working with law enforcement to catch those behind a cyber attack that forced its personal banking websites in the UK to shut down, its second major service outage this month, the bank said on Friday.
Europe's largest lender said it had "successfully defended" its systems against a distributed denial of service (DDoS) attack but it was experiencing fresh threats, impeding full restoration of its services.
"HSBC's internet and mobile services have partially recovered, and we continue to work to restore a full service," John Hackett, UK Chief Operating Officer, said in a statement.
"We are closely monitoring the situation with the authorities," he added.
The outage began on Friday morning and online services were still down by 1630 GMT (11:30 a.m. ET).
DDoS attacks are often used by cyber criminals trying to disrupt businesses and companies with significant online activities.
HSBC has declined to estimate when its online services might resume. Its Twitter feed said all major branches will be open on Saturday to help manage urgent transactions.
Dozens of customers took to social media to vent their anger. They were advised to use the bank's mobile banking application but some reported access difficulties due to high demand.
The attack coincides with the first full pay-day of the year for many Britons and runs close to a deadline for the submission of personal tax returns.
Several technology failures have hit Britain's retail banks in recent years, prompting lawmakers to call for improvement.
"Bank IT systems just don't seem to be up to the job," Andrew Tyrie, Conservative lawmaker and chairman of the Treasury Committee, said in a statement. "It could be leaving the banking system, and with it the economy, exposed to the risk of systemic failures."
Thousands of HSBC's UK customers were affected by a blackout on its personal banking online services in the first week of January.
HSBC gave no explanation for that glitch but confirmed it was not due to a cyber-attack or malicious act. Technicians restored service after two days.
The bank said customer transactions were not affected by Friday's breach, which appeared to be aimed at disrupting and causing embarrassment to HSBC.
"DDoS attacks are not attacks meant to directly steal from consumers, they are meant to deny them access to the institution," said Robert Capps, vice president of business development at NuData Security.
However, some breaches can be a cover for other types of cyber attack, Capps said.
"We've seen DDoS attacks against banks used as a smoke screen and cover for other nefarious activities such as cyber-heists ... large value money transfers, or the bulk theft and removal of consumer account data," he said.
Financial crime costs the UK economy 52 billion pounds ($73.69 billion) a year, delegates at the Wealth Management Association's financial crime conference heard earlier this week.
Special Inspector James Phipson, commercial director of the economic crime directorate at City of London Police, also told the event that only 12 per cent of cyber-crime is ever reported.
(Additional reporting by Simon Jessop; Editing by Rachel Armstrong and Katharine Houreld)