SWIFT Discloses More Bank Thefts

SWIFT, the global financial messaging system, recently disclosed new hacking attacks on its member banks as it pressured them to comply with security procedures instituted after February's high-profile $81 million heist at Bangladesh Bank.

In a private letter to clients, SWIFT said that new cyber-theft attempts - some of them successful - have surfaced since June, when it last updated customers on a string of attacks discovered after the attack on the Bangladesh central bank.

"Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions," according to a copy of the letter seen by news agency Reuters. "The threat is persistent, adaptive and sophisticated - and it is here to stay."

The disclosure suggests that cyber thieves may have ramped up their efforts following the Bangladesh Bank heist, and that they specifically targeted banks with lax security procedures for SWIFT-enabled transfers.

The Brussels-based firm, a member-owned cooperative, indicated in the recent letter that some victims in the new attacks lost money, but did not say how much was taken or how many of the attempted hacks succeeded. It did not identify specific victims, but said the banks varied in size and geography and used different methods for accessing SWIFT.

A SWIFT spokeswoman declined to elaborate on the recently uncovered incidents or the security issues detailed in the letter, saying the firm does not discuss affairs of specific customers.

All the victims shared one thing in common: Weaknesses in local security that attackers exploited to compromise local networks and send fraudulent messages requesting money transfers, according to the letter.

Accounts of the attack on Bangladesh Bank suggest that weak security procedures there made it easier to hack into computers used to send SWIFT messages requesting large money transfers. The bank lacked a firewall and used second-hand, $10 electronic switches to network those computers, according to the Bangladesh police.

SWIFT has repeatedly pushed banks to implement new security measures rolled out after the Bangladesh heist, including stronger systems for authenticating users and updates to its software for sending and receiving messages. But it has been difficult for SWIFT to force banks to comply because the nonprofit cooperative lacks regulatory authority over its members.

SWIFT told banks that it might report them to regulators and banking partners if they failed to meet a November 19 deadline for installing the latest version of its software, which includes new security features designed to thwart the type of attacks described in its letter.

The security features include technology for verifying credentials of people accessing a bank's SWIFT system; stronger rules for password management; and better tools for identifying attempts to hack the software.

SWIFT is trying coerce members into prioritizing cyber-security by threatening to share confidential information about security lapses that banks want to keep private, said Shane Shook, an independent security consultant who advises central banks.

"That type of information sharing is something that no bank likes to see happen without their direct approval and involvement, because it can affect market confidence," Shook said.

SWIFT disclosed the new hacks after reports of previous incidents prompted regulators in Europe and the United States to urge banks to bolster cyber-security.

Other cases involving fraudulent transfer requests include the theft of more than $12 million from Ecuador's Banco del Austro and a failed attempt later in 2015 to steal money from Vietnam's Tien Phong Bank.

The attacks have prompted regulators globally to press banks to bolster defenses. The Bank of England in April ordered UK firms to detail actions to secure computers connected to the SWIFT system, while the European Banking Authority in May said domestic authorities should stress test banks for cyber risks.

The Federal Reserve and other US agencies told banks in June to review protections against fraudulent money transfers.

Six US senators recently urged the G20 nations to agree when they meet at a summit this weekend on a “coordinated strategy to combat cyber-crime at critical financial institutions.”

Reuters
 

« The Hack That Could Swing The US Election
Rio 2016 Olympic Games: IoT Technologies Win »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Becrypt

Becrypt

Becrypt is a trusted provider of endpoint cybersecurity software solutions. We help the most security conscious organisations to protect their customer, employee and intellectual property data.

Fortinet

Fortinet

Fortinet is a provider of network security systems. Our products provide protection against dynamic security threats while simplifying the IT security infrastructure.

BSIMM

BSIMM

The Building Security In Maturity Model (BSIMM) is a study of existing software security initiatives.

Conference-Service.com

Conference-Service.com

Conference-Service.com provides a categorised calendar of conferences and events which includes Information Security.

Kudelski Security

Kudelski Security

Kudelski Security is an international cybersecurity company providing innovative, independent and tailored security solutions for large enterprise and public sector clients.

CommuniTake

CommuniTake

CommuniTake builds security, enablement, and management solutions to provide people and organizations with better, and more secure mobile device use.

Fidus Information Security

Fidus Information Security

Fidus is a team of security professionals providing Penetration Testing and Cyber Security Consulting services throughout the UK and worldwide.

Windscribe

Windscribe

Windscribe is a Virtual Private Network services provider offering secure encrypted access to the internet.

Information Systems Security Partners (ISSP)

Information Systems Security Partners (ISSP)

ISSP is a specialized system integrator focused on the information security needs of its corporate clients and providing best in class products and services for securing organizational information.

Ritz

Ritz

Ritz is the largest holistic pure-play cyber security solutions provider in Myanmar.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

Knovos

Knovos

Knovos is a leading technology innovator developing solutions for automating, integrating, and innovating Information Governance.

HITRUST Alliance

HITRUST Alliance

HITRUST provides widely-adopted common risk and compliance management frameworks, related assessment and assurance methodologies.

DeepFactor

DeepFactor

DeepFactor is the industry’s first Continuous Observability platform enabling Engineering and AppSec teams to find and triage RUNTIME security, privacy, and compliance risks in your applications.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Deutsche Gesellschaft für Cybersicherheit (DGC)

Deutsche Gesellschaft für Cybersicherheit (DGC)

As a leading provider of cyber security, DGC supports companies in taking advantage of the opportunities offered by the digital transformation – and in minimizing the associated risks.