Shape up, cause the Bangadesh Bank hack is just the start, SWIFT warns
Criminals have hacked an unspecified number of new banks, using the SWIFT messaging system already implicated in one of the most lucrative breaches in history.
Reuters reports SWIFT has sent notices to banks around the world warning of breaches and asking the financial institutions to lift their security game.
Hackers of unknown origin stole some US$81 million from Bangladesh Bank and nearly scored almost US$1 billion save for the presence of a typo which raised suspicion, preventing two transactions of US$850 million and US$870 million.
The attack was well timed, with warning messages from SWIFT regarding the large monetary transfers being not noticed during a long weekend, and then buried among a pile of low-priority messages.
Researchers at BAE analysed the malware used in the attacks and found it was injected into the bank’s SWIFT terminal via a vulnerable switch and from there altered transfer reports and printed reports to cover thier tracks.
The flaws were the fault of Bangladesh Bank and its second-hand networking gear, according to SWIFT, and not the latter’s infrastructure.
Attackers unknown are now plundering other banks by exploiting neglected local information security infrastructure.
“Customers’ environments have been compromised, and subsequent attempts [were] made to send fraudulent payment instructions,” a SWIFT letter sent to customers and obtained by Reuters reads.
“The threat is persistent, adaptive and sophisticated – and it is here to stay.”
The letter reportedly reveals other banks have lost money in the attacks but does not say how much or name the affected institutions.
Regulators in the US and Europe have joined SWIFT in pressuring banks to increase their information security controls.
Sourcing gear from places other than Craigslist or Gumtree would be a good start. ®
Sponsored: Global DDoS threat landscape report