Swift is warning its member banks to quickly upgrade their software and security protocols for the global financial messaging system following a wave of recent hacks that triggered more bank losses.
The Brussels-based organization notified its clients this week of a fresh series of cyberattacks on banks that have occurred since June, the last time Swift provided a broad update on risks following the $81 million theft at the Bank of Bangladesh earlier this year, a Swift spokesperson confirmed.
Reuters was first to report on Aug. 31 that Swift sent a private letter to its member banks alerting them to a new level of risk. Swift, the Society for Worldwide Interbank Financial Telecommunication, connects 11,000 financial services companies with its messaging platform for transfers.
Swift declined to release its letter, but a spokesperson said the missive warns banks that the latest cyberthreat is "persistent, adaptive and sophisticated," and criminals are tailoring attacks to each individual target.
Thieves attacking Swift members have used diverse methods to connect to banks and applied a variety of interfaces from different vendors to break into systems and send fraudulent transactions, the spokesperson added.
In the wake of the Bangladesh incident, Swift hardened its security protocols and has urged its member banks to adopt new, beefed-up processes for authenticating transactions and managing passwords. Swift also is urging banks to install the latest version of its more secure software by Nov. 19, or it will report its members' security lapses to banking regulators and the industry at large, according to reports.
Industry providers echoed the need for banks to reinforce their systems, noting that simply complying with Swift's requirements may not be enough protection against criminals who have already penetrated banks' defenses.
"Even if banks upgrade and improve their current security tools and procedures, as recommended by Swift, it's important to highlight that these attacks are not primarily machine-based, and current security tools won't spot them, as the attackers have already gained a foothold behind the defense perimeters," said István Szabó, product manager for BalaBit, an international cybersecurity firm based in Hungary.
High-level bank executives are often the target of cyberattacks involving international funds transfers, and criminals increasingly are finding ways to intercept their credentials. "The better method is for participating organizations to monitor their privileged users, build specific profiles and apply behavior analytics on top of that," Szabó suggested.
Small banks may mistakenly believe they're not targets for cyberattacks like those Swift is warning against, said Mark McArdle, chief technology officer at eSentire, a Canada-based firm that detects international cybercrime.
"The Bangladesh bank was a smaller institution, with minimal cybersecurity and significant access to both monetary assets and larger targets like the New York Federal Reserve," McArdle pointed out.
Swift said in July that it had engaged the services of the British defense contractor BAE Systems and the Dutch security firm Fox-IT to enhance information sharing and threat monitoring for member banks.
Corrected September 1, 2016 at 10:49AM: A previous version of this story overstated the amount stolen from the Bank of Bangladesh. It was $81 million, not billion.