SWIFT Warns Banks Of Increasing Digital Robberies

The banking industry has been warned of the evolving threat of online criminals and hackers.

The warning from SWIFT, the international bank transfer system, came after online thieves came close to stealing nearly a billion dollars from the account belonging to the Central Bank of Bangladesh in early 2016.

In the end, the thieves only managed to steal $81 million (£63m) by initiating fraudulent SWIFT transfer messages from within the bank’s own systems.

Significant Evolution

Following that attack, SWIFT (Society for Worldwide Interbank Financial Telecommunication) joined forces with BAE Systems in July 2016 to bolster its cyber security expertise.

And now in a new report co-written with BAE Systems’s cyber security division, it shed light on some new techniques being used by the hackers.

The report has been dispatched to all SWIFT customers around the world, and it warned that over the past 18 months, there has been a “significant evolution in the cyber threat facing the global financial industry.”

“The adversaries have deployed increasingly sophisticated means of circumventing individual controls within users’ local environments and used ever more creative techniques to access users’ critical assets”, said BAE Systems’ Head of Threat Intelligence, Dr Adrian Nish. “These include gaining Administrator rights for operating systems, manipulating software in memory, and tampering with legitimate functionality to bypass authentication.”

The report also details how highly covert malware, designed to withstand traditional detection techniques, is increasingly being deployed in attacks.

“In any single attack a mix of malicious files will often be used, whether that be to acquire credentials or to bypass authentication requirements; to learn how internal operations or messages work; to create distractions and delay local security teams’ responses; or to securely delete log files and other traces of the attacks”, said Karel De Kneef, SWIFT’s Security Operations Director.

The report also provides advice for banks and the financial service providers on the safeguards they need to put in place to protect against the threat.

“While the attackers’ sophistication is clearly on the rise, in all cases, they have relied on basic security weaknesses in the targeted customers’ perimeter and internal network security’, said De Kneef.

“The determination, patience and cunning the attackers are demonstrating makes it more imperative than ever that customers rapidly deploy and maintain all basic cyber hygiene tools and measures, comprehensively adhere to recommended security controls, and incorporate all the elements set out in SWIFT’s Customer Security Programme.”

It comes after researchers at Kaspersky Lab in early November warned of the danger posed by the Silence trojan which infiltrates internal banking networks.

At the moment, SWIFT customers have until the end of the year (31 December) to implement SWIFT’s Customer Security Controls Framework (mandatory security controls), introduced in June 2016.

SWIFT has also “significantly developed its customer cyber security forensics and analysis capabilities under the Programme.”

Heightened Security

SWIFT issued a similar warning in August last year, when it warned of ongoing and persistent attacks against the financial sector.

Brussels-based SWIFT has always insisted attacks have not compromised its network, but rather seem to have been carried out by attackers who obtained valid credentials from financial institutions and used these to impersonate authorised individuals.

In May last year the Bank of England to order all British banks to carry out a security review of systems connected to SWIFT.

Do you know all about security in 2017? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago