Haven’t hardened? You’re still gunna get hacked, says CISO
The chief information security officer for global money transfer network SWIFT says banks are still under attack from fraudsters hoping to cash in on identified security gaps to steal millions of dollars.
Alain Desausoi, security head of the Society for Worldwide Interbank Financial Telecom made the comments at the Financial Times Cyber Security Summit Europe in London this week
He said the sophisticated attacks are not going to abate, adding SWIFT’s security measures will assist banks to resist the fraudsters.
“The threat is persistent, adaptive and sophisticated – and it is here to stay,” Desausoi says.
“We continue to see cases in which our customers’ environments have been compromised and subsequent attempts made to send fraudulent payment instructions.
“Fortunately a good number of recent attacks have been thwarted or prevented either because our customers have stopped suspicious instructions or because the attacks have been identified … through the customer security program.”
SWIFT will in December 2016 introduce daily validation reports which allow banks to better review messages each day.
It will go some way to prevent further attacks akin to the mammoth US$81 million fleecing of Bangladesh central bank in which hackers targeted computers, staff, and the SWIFT messaging system to cloak money transfers.
The same hacker group was also blamed for the theft of $12m from an Ecuadoran bank, Banco del Austro SA.
The organisation announced it will consider suspending banks until those institutions improve weak security defences. ®