SWIFT Discloses More Bank Thefts

SWIFT, the global financial messaging system, recently disclosed new hacking attacks on its member banks as it pressured them to comply with security procedures instituted after February's high-profile $81 million heist at Bangladesh Bank.

In a private letter to clients, SWIFT said that new cyber-theft attempts - some of them successful - have surfaced since June, when it last updated customers on a string of attacks discovered after the attack on the Bangladesh central bank.

"Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions," according to a copy of the letter seen by news agency Reuters. "The threat is persistent, adaptive and sophisticated - and it is here to stay."

The disclosure suggests that cyber thieves may have ramped up their efforts following the Bangladesh Bank heist, and that they specifically targeted banks with lax security procedures for SWIFT-enabled transfers.

The Brussels-based firm, a member-owned cooperative, indicated in the recent letter that some victims in the new attacks lost money, but did not say how much was taken or how many of the attempted hacks succeeded. It did not identify specific victims, but said the banks varied in size and geography and used different methods for accessing SWIFT.

A SWIFT spokeswoman declined to elaborate on the recently uncovered incidents or the security issues detailed in the letter, saying the firm does not discuss affairs of specific customers.

All the victims had one thing in common: weaknesses in local security that attackers exploited to compromise local networks and send fraudulent messages requesting money transfers, according to the letter.

Accounts of the attack on Bangladesh Bank suggest that weak security procedures there made it easier to hack into computers used to send SWIFT messages requesting large money transfers. The bank lacked a firewall and used second-hand, $10 electronic switches to network those computers, according to the Bangladesh police.

SWIFT has repeatedly pushed banks to implement new security measures rolled out after the Bangladesh heist, including stronger systems for authenticating users and updates to its software for sending and receiving messages. But it has been difficult for SWIFT to force banks to comply because the nonprofit cooperative lacks regulatory authority over its members.

SWIFT told banks that it might report them to regulators and banking partners if they failed to meet a November 19 deadline for installing the latest version of its software, which includes new security features designed to thwart the type of attacks described in its letter.

The security features include technology for verifying credentials of people accessing a bank's SWIFT system; stronger rules for password management; and better tools for identifying attempts to hack the software.

SWIFT is trying to coerce members into prioritizing cyber-security by threatening to share confidential information about security lapses that banks want to keep private, said Shane Shook, an independent security consultant who advises central banks.

"That type of information sharing is something that no bank likes to see happen without their direct approval and involvement, because it can affect market confidence," Shook said.

SWIFT disclosed the new hacks after reports of previous incidents prompted regulators in Europe and the United States to urge banks to bolster cyber-security.

Other cases involving fraudulent transfer requests include the theft of more than $12 million from Ecuador's Banco del Austro and a failed attempt later in 2015 to steal money from Vietnam's Tien Phong Bank.

The attacks have prompted regulators globally to press banks to bolster defenses. The Bank of England in April ordered UK firms to detail actions to secure computers connected to the SWIFT system, while the European Banking Authority in May said domestic authorities should stress test banks for cyber risks.

The Federal Reserve and other US agencies told banks in June to review protections against fraudulent money transfers.

Six US senators recently urged the G20 nations, when they meet at a summit this weekend, to agree on a “coordinated strategy to combat cyber-crime at critical financial institutions.”

Reuters
 
