Categories: Security

SWIFT Discloses More Successful Bank Heists

A “meaningful” number of attacks on banks have been carried out using the SWIFT network over the past year, with some resulting in lost funds, the organsation has acknowledged.

SWIFT, the Society for Worldwide Interbank Financial Telecommunication, based outside of Brussels, had previously disclosed attacks on three banks via the network but said none had been successful.

In its latest comments, however, the group divulged that a significant number of additional incidents have occurred since February, with about 20 percent succeeding.

‘Meaningful’ number of cases

In February hackers stole $81 million (£64m) from Bangladesh’s central bank by initiating fraudulent SWIFT transfers from within the bank’s own systems.

The incidents since then all involve techniques similar to the Bangladesh hack, with none involving any breach of the network’s own core systems, according to SWIFT customer security programme head Stephen Gilderdale.

He declined to specify the number of incidents, telling Reuters only that it was “a meaningful number of cases”.

In about four-fifths of the cases in which SWIFT had completed investigations no fraud had taken place, with one-fifth of the cases involving successful fraud, he said, declining to indicate the amounts involved.

The network doesn’t receive or keep track of fraud reports from clients, Gilderdale said the organisation was making “progress” on security.

Loading ...

Fraud detection

In some of the cases clients’ computer security systems had identified malware on their networks, while in others a new SWIFT feature alerted the organisation to attempted manipulation, according to Gilderdale. In one case a financial regulator notified SWIFT of an attempted hack, he said.

His comments follow a letter sent from SWIFT to bank clients on 2 November that warned attacks were becoming more sophisticated and were likely to continue.

In a new development, hackers have begun using remote-access software intended for support technicians to access bank systems and implant malware, according to the letter, excerpts of which were published by Reuters on Monday.

“We unfortunately continue to see cases in which some of our customers’ environments are being compromised” using techniques similar to the Bangladesh attack, the letter said.

“The threat is very persistent, adaptive and sophisticated – and it is here to stay,” it added, noting that there are likely to be “multiple groups” of attackers.

Like Gilderdale’s comments, the letter indicates SWIFT’s continued vulnerability to hackers looking to manipulate it to carry out fraud.

The Bangladesh hack indicated that the banks’ own systems are the weakest link in the network, with hackers able to implant malicious code that transmitted fraudulent transfer messages and then attempted to conceal the orders from bank staff.

The theft spurred regulators around the world, and SWIFT itself, to tighten bank computer security requirements.

Do you know all about security in 2016? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

1 day ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

1 day ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

1 day ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

2 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

2 days ago