Hackers breach SWIFT financial network
BRUSSELS – Agence France-Presse
SWIFT - the Society for Worldwide Interbank Financial Telecommunication - insisted its own system had not been compromised, but warned that this latest attack was clearly part of a wide-ranging campaign.
It comes months after a multi-million dollar heist at the Bangladesh central bank.
“Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence but part of a wider and highly adaptive campaign targeting banks,” the Brussels-based group said in a letter to clients.
In both cases, the hackers “exploited vulnerabilities” at the two unnamed banks to gain access to their fund transfer systems, which then give instructions to the SWIFT network, it said.
“The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks - knowledge that may have been gained from malicious insiders or cyber-attacks, or a combination of both,” SWIFT said.
In light of the latest attack, SWIFT called on its customers “as a matter of urgency” to review all their internal controls.
“This includes everything from employee checks to password protection to cyber defenses,” it said, stressing again that the SWIFT network had not been compromised.
In February, hackers got hold of $81 million from Bangladesh’s account at the Federal Reserve Bank of New York by making it move the funds to accounts in the Philippines.
Investigators are still trying to work out how the hackers got into the system in that instance amid growing concerns about bank security and what the diverted funds might be used for.
Many attacks are put down to individuals or companies but state or state-sponsored intruders are believed to be increasingly active, seeking key political and economic information or going further, to disrupt and harm rivals.