Britain's banks are not reporting the full extent of cyber attacks to regulators for fear of punishment or bad publicity.