BRUSSELS, Belgium – SWIFT, the global financial system used to move hundreds of billions of dollars a day, on Friday, May 13, said highly sophisticated hackers had gained access to a bank aiming to hijack fund transfers made via the network.
SWIFT – the Society for Worldwide Interbank Financial Telecommunication – insisted its own system had not been compromised, but warned that this latest attack was clearly part of a wide-ranging campaign.
It comes months after a multi-milion dollar heist at the Bangladesh central bank. (READ: TIMELINE: Tracing the $81-million stolen fund from Bangladesh Bank)
“Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence but part of a wider and highly adaptive campaign targeting banks,” the Brussels-based group said in a letter to clients.
In both cases, the hackers “exploited vulnerabilities” at the two unnamed banks to gain access to their fund transfer systems, which then give instructions to the SWIFT network, it said.
“The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyber attacks, or a combination of both,” SWIFT said.
In light of the latest attack, SWIFT called on its customers “as a matter of urgency” to review all their internal controls.
“This includes everything from employee checks to password protection to cyber defenses,” it said, stressing again that the SWIFT network had not been compromised.
In February, hackers got hold of $81 million from Bangladesh’s account at the Federal Reserve Bank of New York by making it move the funds to accounts in the Philippines. (READ: How Bangladesh Bank dirty money easily got into PH)
Investigators are still trying to work out how the hackers got into the system in that instance amid growing concerns about bank security and what the diverted funds might be used for. (READ: SWIFT on $81M bank heist: Our system wasn’t breached)
Many attacks are put down to individuals or companies but state or state-sponsored intruders are believed to be increasingly active, seeking key political and economic information or going further, to disrupt and harm rivals.
Analysts Sergei Schenvchenko and Adrian Nish writing in a blog for BAE Systems said they believed the same hacker was behind both cases, citing an incident at a bank in Vietnam.
“As for who that person might be, who the coder is, who they work for, and what their motivation is for conducting these attacks cannot be determined from the digital evidence alone,” they said.
SWIFT is an integral part of the global financial system, and according to its website services some 11,000 institutional clients in more than 200 countries. – Rappler.com