This second attack on the SWIFT payment network targeted a commercial bank this time, rather than the central bank of Bangladesh this time.
Advertisement
Matthias Maier, Security Evangelist at Splunk said that these were not isolated incidents and the attack was a “wake-up call” for banks.
While the number of cases of fraud at its customers is so far small, forensic experts believe the new discovery is part of a wider and highly adaptive campaign targeting banks, SWIFT said.
“The overlaps between these samples provide strong links for the same coder being behind the recent bank heist cases and a wider known campaign stretching back nearly a decade”, BAE System’s report concluded.
“In the meantime we would like to reassure you that the SWIFT network, SWIFT messaging systems and software have not been compromised”.
Finkle and Miglani write that the Society for Worldwide Interbank Financial Telecommunication, a cooperative that provides a network for global fund transfers, said the cyber heist at Bangladesh Bank is part of a larger cyber campaign against banks.
In April, SWIFT released a security update for the software that 11,000 financial institutions use to access its network.
That comment was an acknowledgement that the New York Fed, much like other banks, in most cases relies exclusively on SWIFT verification to prevent fraud and does not take additional steps.
“The banks communicating into the SWIFT system are the natural target for hackers given that they can be much softer targets than the centre”.
In a second attack, they used malware to attack a PDF system which was used to confirm SWIFT transactions.
Vietnam’s Tien Phong Bank (TPBank) said on Sunday it had thwarted a hacking attempt in the final quarter of a year ago and avoided the loss of more than 1 million euros (US$1.13 million).
The meeting came a day after SWIFT rejected as “false, inaccurate and misleading” the allegations of Bangladeshi officials reported by Reuters that technicians from the messaging service left the central bank vulnerable to the cyber attack.
By using legitimate network credentials, internet criminals have infiltrated the SWIFT system and initiated fraudulent transfers.
It urged all customers to review controls in their payments environments. Serious investigations must follow given the custom built nature of the malware used in these attacks.
Advertisement
Last week, Bloomberg News reported, citing the investigation by the USA firms, that two of the three hackers group were from Pakistan and North Korea.
