SWIFT Investigation Expands to 12 Banks After Attempted $1b Heist

Friday, 27/05/2016 | 14:31 GMT by Jeff Patterson
  • The investigation has expanded to 12 banks as independent firms have established a link to previous hackings.
SWIFT Investigation Expands to 12 Banks After Attempted $1b Heist
SWIFT

The ongoing saga SWIFT’s security breach has expanded exponentially today, after an attempted $1 billion heist has cast light on upwards of twelve other banks all presently utilizing SWIFT’s system and network.

Last month, SWIFT systems suffered a malware breach, resulting in the theft of $81.0 million from the Bangladeshi central bank – blame for the attack has since shifted over to the international Payments network, after allegations that SWIFT technicians inadvertently facilitated vulnerabilities with a new transaction system.

The new world of Online Trading , fintech and marketing – register now for the Finance Magnates Tel Aviv Conference, June 29th 2016.

To recap, hackers had managed to modify SWIFT’s client software, exposing several vulnerabilities across such a globally diverse system. The Bangladesh Bank attack in April also succeeded in manipulating SWIFT client software known as Alliance Access. This followed a previous attempt back in February in which cyber criminals tried to transfer upwards of $951 million from the Bangladeshi central bank's account at the Federal Reserve Bank of New York.

Bangladeshi police had alleged that their systems were exposed to a greater threat of breaches after SWIFT technicians connected a new bank transaction system just three months before the $81.0 million heist. The vulnerability seen across SWIFT’s network has now resulted in an expanded investigation of twelve more banks, each using SWIFT’s payment network.

Spearheading this effort is the security firm, FireEye, which is currently responsible for delving into and investigating the hack. The group has been dealing with banks as far away as New Zealand and the Philippines, as the Bangladesh bank heist that saw the theft of $81 million could just be a drop in the bucket.

Since then, SWIFT has called on banks to review their own internal computing environments in an attempt to weed out hackers. Independent authorities have also confirmed that the hackers from the Bangladesh Bank are linked to the hackers that had previously attacked targets in the US and South Korea since 2009 and that hacked Sony Pictures in 2014.

The FBI has claimed that these hackers are North Korean, though a common denominator appears to share common code for securely deleting files to cover its tracks. The direction of the investigation and the overall scope of the focus has not boded well for SWIFT meanwhile, as it is putting pressure on all users in its network.

In particular, SWIFT's systems rely on controlled access to its network using air-gapped systems and other forms of isolation. If a message is created and sent across the network by malicious software, other banks will often blindly trust said message and make the transfers that the message demands.

The ongoing saga SWIFT’s security breach has expanded exponentially today, after an attempted $1 billion heist has cast light on upwards of twelve other banks all presently utilizing SWIFT’s system and network.

Last month, SWIFT systems suffered a malware breach, resulting in the theft of $81.0 million from the Bangladeshi central bank – blame for the attack has since shifted over to the international Payments network, after allegations that SWIFT technicians inadvertently facilitated vulnerabilities with a new transaction system.

The new world of Online Trading , fintech and marketing – register now for the Finance Magnates Tel Aviv Conference, June 29th 2016.

To recap, hackers had managed to modify SWIFT’s client software, exposing several vulnerabilities across such a globally diverse system. The Bangladesh Bank attack in April also succeeded in manipulating SWIFT client software known as Alliance Access. This followed a previous attempt back in February in which cyber criminals tried to transfer upwards of $951 million from the Bangladeshi central bank's account at the Federal Reserve Bank of New York.

Bangladeshi police had alleged that their systems were exposed to a greater threat of breaches after SWIFT technicians connected a new bank transaction system just three months before the $81.0 million heist. The vulnerability seen across SWIFT’s network has now resulted in an expanded investigation of twelve more banks, each using SWIFT’s payment network.

Spearheading this effort is the security firm, FireEye, which is currently responsible for delving into and investigating the hack. The group has been dealing with banks as far away as New Zealand and the Philippines, as the Bangladesh bank heist that saw the theft of $81 million could just be a drop in the bucket.

Since then, SWIFT has called on banks to review their own internal computing environments in an attempt to weed out hackers. Independent authorities have also confirmed that the hackers from the Bangladesh Bank are linked to the hackers that had previously attacked targets in the US and South Korea since 2009 and that hacked Sony Pictures in 2014.

The FBI has claimed that these hackers are North Korean, though a common denominator appears to share common code for securely deleting files to cover its tracks. The direction of the investigation and the overall scope of the focus has not boded well for SWIFT meanwhile, as it is putting pressure on all users in its network.

In particular, SWIFT's systems rely on controlled access to its network using air-gapped systems and other forms of isolation. If a message is created and sent across the network by malicious software, other banks will often blindly trust said message and make the transfers that the message demands.

About the Author: Jeff Patterson
Jeff Patterson
  • 5439 Articles
  • 102 Followers
About the Author: Jeff Patterson
Head of Commercial Content
  • 5439 Articles
  • 102 Followers

More from the Author

FinTech

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}