He, however, said that SWIFT could not avoid responsibility.
Advertisement
The U.S. Federal Bureau of Investigation has blamed North Korea for the attack on Sony’s Hollywood studio. In a statement, the consortium said the Bangladesh hack was part of an ongoing campaign by unknown attackers, an effort SWIFT called a wide and “highly adaptive campaign targeting banks”.
The company said the attacks on the Philippine bank occurred from October previous year, and represent the earlier known attacks from the group.
The incident has raised questions about the security of SWIFT software, and investigators are now looking into data breaches at as many as 12 banks connected to the messaging network.
The news comes just days after SWIFT CEO Gottfried Leibbrandt announced details to reinforce the security of his firm’s messaging services following a trio of cyber attacks that leveraged malware to gain unauthorized access to the platform.
This latest incident is just another example of how handcuffed nation states and private institutions are in terms of defending themselves against cyber attacks, STEALTHbits Technologies Vice President of Product Marketing Adam Laub, Sr. told SCMagazine.com via emailed comments.
There have been at least four known cyber attacks against a bank involving fraudulent messages on the SWIFT payments network, one dating back to 2013. SWIFT, the Society for Worldwide Interbank Financial Telecommunication, urged banks this week to bolster their security, saying it was aware of multiple attacks.
The security vendor said last week that similarities in the code used in the malware in both attacks led it to conclude the attacks were from the one source. Backdoor.Contopee was used by the group in their targets in the US and South Korea.
Another cybersecurity firm, BAE Systems, said this month that the distinctive computer code used to erase the tracks of hackers in the Bangladesh Bank heist was similar to code used to attack Sony.
Policymakers, regulators and financial institutions around the world are stepping up scrutiny of the cyber security of the SWIFT payments system after hackers used it to make fraudulent transfers totaling $81 million out of Bank Bangladesh’s account at the Federal Reserve Bank of NY.
The attacks involve the messaging system maintained by the Brussels-based, bank-owned cooperative SWIFT – formally known as the Society for Worldwide Interbank Financial Telecommunication – which is created to guarantee that money-moving messages between banks are authentic.
It isn’t known whether the Ecuador burglary, which involved the loss of $12m using fraudulent SWIFT transactions, was linked to the incidents in Asia, according to Symantec.
Advertisement
“The Bangladesh Bank management will follow all instructions given by the government”, Saha told Reuters.
