Apparently, some customers of the SWIFT cooperative for financial messaging and related systems have been enduring an onslaught of cyber-attacks, even throughout the end of 2016 and after SWIFT began pushing to make cyber protections mandatory.
A SWIFT public relations representative confirmed last week that a letter was sent to customers in early November, a story that Reuters broke on Dec. 12. “SWIFT wrote to customers late last year regarding recent attacks,” the representative said to FTF News. The letter warns of an “escalating threat” of hacking attacks, according to Reuters. (The SWIFT spokesperson declined to share the letter with FTF News.)
Sadly, it seems that regardless of the letters, the cyber-attacks have not let up since mid-October, when antivirus vendor Symantec uncovered new attacks on SWIFT users involving malware that hides records of SWIFT messages relating to fraudulent transactions.
Symantec officials found that those attacks upon SWIFT clients were the work of the “Odinaff group,” whose attacks can yield hundreds of millions of dollars to hackers via deception and aggressive invasions of networks and systems. The SWIFT network itself has not been attacked, according to Symantec.
At the time, SWIFT officials declined to comment upon specific groups but did provide a statement: “SWIFT is aware of this MO and the related details published in the [Symantec] blog. We published related Indicators of Compromise (IOCs) and a practical example of the MO for our community earlier this summer. This work forms part of SWIFT’s information sharing initiative which has grown significantly since its launch, and which includes detailed intelligence and analysis on the modus operandi of attackers in customer fraud cases.”
As you may recall, SWIFT officials were grappling with a series of cyber-attacks among its members and customers that started with hackers using SWIFT codes to break into the account of the Bangladesh central bank. Then, hackers used messages and multiple attempts to break into the Federal Reserve Bank of New York, which then led to the theft of a hefty sum, according to official confirmations and media reports. The hackers in this instance did encounter some barriers but ultimately $81 million was stolen from the Bangladesh central bank account.
The Bangladesh incident is very significant because it appears to be serving as a model for all the subsequent attacks.
“As SWIFT has previously stated, all the attacks have followed the same broad modus operandi,” the spokesperson tells FTF News.
SWIFT took steps to bolster its commitment to cyber-security protections at its SIBOS conference in Geneva this past October with a set of core security standards and an associated assurance framework that the cooperative is making mandatory for all customers.
However, it seems that SWIFT, its customers and all third-party participants are going to have to collectively take even stronger, more orchestrated measures to beat the hackers who for the moment appear to be winning.