MANILA, Philippines – The Society for Worldwide Interbank Financial Telecommunication (SWIFT), a global financial messaging network, warned its customers Monday, April 25, that it knew of "a number of recent cyber incidents" in which attackers sent fraudulent messages over its system.
Reuters reported that the disclosure came following investigations into the theft of $81 million from the Bangladesh Bank's account at the Federal Reserve Bank of New York. (READ: SWIFT system and the $81-M money laundering issue)
SWIFT also said the scheme involved alterations to the SWIFT software on Bangladesh Bank's computers. This was done to cover up evidence of fraudulent transfers.
The group told customers, "SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions' back-offices, PCs or workstations connected to their local interface to the SWIFT network."
The statement was the first acknowledgment that the Bangladesh Bank heist was not an isolated case. Rather, it appeared to be one of a number of attempts to leverage SWIFT – which is used by some 11,000 financial institutions – as a means of stealing money.
SWIFT on Monday also released a security update to its software – which banks use to access the network – to prevent malware intrusions.
According to the group, attackers gained valid credentials for operators who were authorized to create and approve messages on the network. They then sent false messages by impersonating the operators.
SWIFT spokeswoman Natasha Deteran said internal or external attackers compromised the banks' own environments to obtain valid operator credentials. She prompted customers to "do their utmost to protect against this."
SWIFT also told customers that its security update is mandatory and must be installed by May 12. The update is supposed to help banks figure out situations in which attackers have attempted to hide their tracks. – Rappler.com