Cyber-criminals stole about $12 million from an Ecuador bank in a 2015 heist which is similar to the latest $80 million Bangladesh Bank and Vietnamese bank hack.
Advertisement
John Gomes, Bangladesh Ambassador to the Philippines, told a Philippine panel investigating how the stolen US$81 million (RM331 million) from Bangladesh central bank ended up in Manila, the hackers were neither Filipino or Bangladeshi.
The order marks the earliest known case of a central bank in a major economy ordering a formal security check-up of its member banks in response the cyber-heist at the Bangladesh bank in February.
Singapore’s central bank has asked banks to maintain a high level of security for their critical IT systems following recent cyber attacks using the SWIFT financial messaging system.
Even today, when it discusses the cyber attacks, Swift emphasizes that its own network wasn’t breached and says its members are responsible for their own system interfaces.
Wong, the casino junket operator, had earlier told the Senate that two high-rollers from Beijing and Macau shifted the $81 million to dollar accounts at Manila’s Rizal Commercial Banking Corporation (RCBC).
Bangladesh Bank officials have said they believed SWIFT, and the New York Fed, bear some responsibility for the cyber heist, but SWIFT has rejected the suggestion.
Commuters pass by the front of the Bangladesh central bank building in Dhaka March 8, 2016.
The SWIFT network – which allows banks to process billions of dollars in transfers each day – is considered the backbone of worldwide banking. The actions are not tied to a specific concern about JPMorgan’s vulnerability to SWIFT, but are part of its policy to review user access to certain systems following news of a security threat, The Wall Street Journal said, citing a person familiar with the bank.
Meanwhile, details of another Swift-related attack have emerged. The security of SWIFT itself was not breached, but hackers used advanced malware to steal credentials and cover their tracks.
A small portion of the stolen funds have been recovered, but Bangladesh officials are still considering the prospect of taking the U.S. financial system to court to recover the remainder. “It was, from our perspective, a customer fraud”, Gottfried Leibbrandt, CEO of SWIFT, said at a financial conference in Frankfurt last week. And he’s suggested that SWIFT could soon require its users to undergo periodic security audits to verify that they’re using the messaging system in a secure manner (see Blocking Hack Attacks: SWIFT Must Do More).
Advertisement
That bank detected the fraudulent requests and stopped the movement of funds, the central bank in Vietnam said.
