SWIFT’s Client Network Compromised, Resulting in $81m Heist

Monday, 25/04/2016 | 09:55 GMT by Jeff Patterson
  • The Bangladeshi central bank had $81 million stolen after malware compromised SWIFT's client software.
SWIFT’s Client Network Compromised, Resulting in $81m Heist
SWIFT

SWIFT, an international global Payments network, had its software systems hacked by malware, resulting in the theft of $81.0 million from the Bangladeshi central bank, according to a recent Reuters report.

The new world of online trading, fintech and marketing – register now for the Finance Magnates Tel Aviv Conference, June 29th 2016.

The announcement follows on the heels of a string of recent initiatives by SWIFT to usher in more firms and venues under its collective mantle, whereby helping foster transparent and secure financial commerce and banking. While its resolve has not changed, the latest malware attack does bring into question the need for respective financial institutions to fortify their security protocols and procedures.

In this instance, hackers managed to modify SWIFT’s client software, underscoring the latent vulnerabilities across such a globally diverse system. More specifically, the Bangladesh Bank attack managed to successfully manipulate SWIFT client software known as Alliance Access. This followed a previous attempt back in February in which cyber criminals tried to transfer upwards of $951 million from the Bangladeshi central bank's account at the Federal Reserve Bank of New York.

Thankfully for the bank, the vast majority of the payments were blocked, not resulting in any material loss, however $81 million was still routed to accounts in the Philippines and diverted to casinos there, with much of the sum still missing. Alliance Access software is utilized by many institutions, though it represents just a fraction of the SWIFT messaging platform that is nearly 11,000 strong. Since then, SWIFT has released a statement saying that the malware has had no impact on the rest of its network or core messaging services.

Looking Ahead

The plausibility of future attacks and vulnerabilities is certainly a tangible concern for SWIFT moving forward though the onus ultimately lies with respective banks and institutions. Each day, global repositories collect millions of new samples a day from researchers, businesses, government agencies and members of the public who upload files to cross-reference if they are recognized as problematic in order to help thwart future attacks.

According to SWIFT spokesperson, Natasha Deteran, in a recent statement on the attack: “Whilst we keep all our interface products under continual review and recommend that other vendors do the same, the key defence against such attack scenarios is that users implement appropriate security measures in their local environments to safeguard their systems.”

Finance Magnates is proud to present its inaugural TLV Conference, to be held on the 29th of June. Apart from the invaluable networking opportunities, the agenda is packed with panels, masterclasses and keynote speeches geared towards the subject of fintech. Industry leaders will be discussing subjects such as marketing automation, cybersecurity, financial regulation and Cryptocurrencies , with a focus on the booming Israeli fintech scene. In keeping with this, there will also be a fintech spotlight session in which a lineup of firms will each have four minutes to pitch their exciting products, culminating in an award presented to the most promising.

SWIFT, an international global Payments network, had its software systems hacked by malware, resulting in the theft of $81.0 million from the Bangladeshi central bank, according to a recent Reuters report.

The new world of online trading, fintech and marketing – register now for the Finance Magnates Tel Aviv Conference, June 29th 2016.

The announcement follows on the heels of a string of recent initiatives by SWIFT to usher in more firms and venues under its collective mantle, whereby helping foster transparent and secure financial commerce and banking. While its resolve has not changed, the latest malware attack does bring into question the need for respective financial institutions to fortify their security protocols and procedures.

In this instance, hackers managed to modify SWIFT’s client software, underscoring the latent vulnerabilities across such a globally diverse system. More specifically, the Bangladesh Bank attack managed to successfully manipulate SWIFT client software known as Alliance Access. This followed a previous attempt back in February in which cyber criminals tried to transfer upwards of $951 million from the Bangladeshi central bank's account at the Federal Reserve Bank of New York.

Thankfully for the bank, the vast majority of the payments were blocked, not resulting in any material loss, however $81 million was still routed to accounts in the Philippines and diverted to casinos there, with much of the sum still missing. Alliance Access software is utilized by many institutions, though it represents just a fraction of the SWIFT messaging platform that is nearly 11,000 strong. Since then, SWIFT has released a statement saying that the malware has had no impact on the rest of its network or core messaging services.

Looking Ahead

The plausibility of future attacks and vulnerabilities is certainly a tangible concern for SWIFT moving forward though the onus ultimately lies with respective banks and institutions. Each day, global repositories collect millions of new samples a day from researchers, businesses, government agencies and members of the public who upload files to cross-reference if they are recognized as problematic in order to help thwart future attacks.

According to SWIFT spokesperson, Natasha Deteran, in a recent statement on the attack: “Whilst we keep all our interface products under continual review and recommend that other vendors do the same, the key defence against such attack scenarios is that users implement appropriate security measures in their local environments to safeguard their systems.”

Finance Magnates is proud to present its inaugural TLV Conference, to be held on the 29th of June. Apart from the invaluable networking opportunities, the agenda is packed with panels, masterclasses and keynote speeches geared towards the subject of fintech. Industry leaders will be discussing subjects such as marketing automation, cybersecurity, financial regulation and Cryptocurrencies , with a focus on the booming Israeli fintech scene. In keeping with this, there will also be a fintech spotlight session in which a lineup of firms will each have four minutes to pitch their exciting products, culminating in an award presented to the most promising.

About the Author: Jeff Patterson
Jeff Patterson
  • 5448 Articles
  • 106 Followers
Head of Commercial Content

More from the Author

FinTech