SWIFT financial network warns of fraudulent messages

Rappler.com

This is AI generated summarization, which may have errors. For context, always refer to the full article.

SWIFT financial network warns of fraudulent messages
SWIFT's statement is the first acknowledgment that the Bangladesh Bank heist is not an isolated case

MANILA, Philippines – The Society for Worldwide Interbank Financial Telecommunication (SWIFT), a global financial messaging network, warned its customers Monday, April 25, that it knew of “a number of recent cyber incidents” in which attackers sent fraudulent messages over its system.

Reuters reported that the disclosure came following investigations into the theft of $81 million from the Bangladesh Bank’s account at the Federal Reserve Bank of New York. (READ: SWIFT system and the $81-M money laundering issue)

SWIFT also said the scheme involved alterations to the SWIFT software on Bangladesh Bank’s computers. This was done to cover up evidence of fraudulent transfers.

The group told customers, “SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions’ back-offices, PCs or workstations connected to their local interface to the SWIFT network.”

The statement was the first acknowledgment that the Bangladesh Bank heist was not an isolated case. Rather, it appeared to be one of a number of attempts to leverage SWIFT – which is used by some 11,000 financial institutions – as a means of stealing money.

SWIFT on Monday also released a security update to its software – which banks use to access the network – to prevent malware intrusions.

According to the group, attackers gained valid credentials for operators who were authorized to create and approve messages on the network. They then sent false messages by impersonating the operators.

SWIFT spokeswoman Natasha Deteran said internal or external attackers compromised the banks’ own environments to obtain valid operator credentials. She prompted customers to “do their utmost to protect against this.”

SWIFT also told customers that its security update is mandatory and must be installed by May 12. The update is supposed to help banks figure out situations in which attackers have attempted to hide their tracks. – Rappler.com

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Summarize this article with AI

How does this make you feel?

Loading
Download the Rappler App!