The attack follows a similar but little-noticed theft from Banco del Austro in Ecuador previous year that netted thieves more than $12 million, and a previously undisclosed attack on Vietnam’s Tien Phong Bank that was not successful.
Advertisement
“We work very hard at improving the cyber security of our network; every day we wake up and go to sleep thinking about, and protecting against that threat”.
She also wanted to know how they would ensure that US “members of SWIFT are in full compliance with SWIFT’s recommended security practices and policies”, and whether the agencies had ordered USA banks to conduct a cyber security review along the lines of the review ordered by the Bank of England.
It was recently disclosed that the service, which is used to transfer large sums of money between worldwide banks, was used to attack the Tien Phong Bank in Vietnam, as well as the Bangladesh central bank.
SWIFT’s network and core messaging services have not been compromised by the attacks, he added.
Banks send payment instructions to one another via SWIFT messages. The move comes after recent reports emerged of a slew of cyberheists, the most prominent of which is the Bangladesh Bank hack, which is now being investigated by officials.
In February, cyber thieves stole $81 million from the central bank of Bangladesh, using stolen credentials from Bangladesh Bank computers to log into the SWIFT system, according to research by British defense contractor BAE Systems.
The SWIFT system for transferring money between banks will see security improvements after fraudulent transactions caused the loss of tens of millions of dollars. Chairman Martin Gruenberg, asking them if they planned to follow the Bank of England’s lead and order all USA banks to conduct a full cybersecurity review. Tom Carper (D-Del.), the ranking Democrat on the Senate Homeland Security and Governmental Affairs Committee, on May 19 writing to the New York Fed and SWIFT to request details about how they’re responding to hack attacks.
In an apparent concession to banks, Leibbrandt said SWIFT was ready to help lenders detect possible frauds.
Leibbrandt said the method is much more series than a typical data breach or theft of customer information. “The security of our network remains our key priority; the security of their own environments has to remain – and, for some, become – banks’ priority”. “We can provide tools and best practices for such a detection at the receiving bank”, he told the conference. When banks lose control of access to their payment channels, it’s different.
Advertisement
The network will introduce certification requirements for vendors that help some banks connect to the network and may help banks use pattern recognition to identify suspicious behavior, he will say. But he also urged banks to help each other to better help themselves, starting with sharing information about related attacks.
