Global interbank payments network Swift has outlined plans to increase security of its infrastructure in the wake of the theft of US$81 million (£61 million) from the Central Bank of Bangladesh in February.
The organisation's chief information security officer said that Swift is still seeing incidents with its customers are being compromised.
“The threat is persistent, adaptive and sophisticated – and it is here to stay,” Alain Desausoi, said at the Financial Times Cyber Security Summit Europe this week.
“We continue to see cases in which our customers' environments have been compromised and subsequent attempts made to send fraudulent payment instructions.”
He added that the threats require industry-wide co-operation and a long-term response.
“Fortunately a good number of recent attacks have been thwarted or prevented either because our customers have stopped suspicious instructions or because the attacks have been identified and the frauds ultimately prevented as a direct result of measures introduced through the CSP,” he said.
He said that Swift has a number of initiatives designed to strengthen existing fraud controls at banks and mitigate against such attacks. One such tool is the Daily Validation Reports, which allows banks and other clients to independently verify daily transactions to identify unusual activity.
“A key step in the modus operandi in recent wire fraud cases at customer firms involves the attackers concealing their fraudulent messaging activity on customers' local systems. Smaller institutions, in particular, are currently dependent on the accuracy of the data on their own systems, but in the event of a security breach, their locally stored payment and reconciliation data may be altered or unavailable,” said Stephen Gilderdale, head of SWIFT's Customer Security Programme.
Matthias Maier, security evangelist at Splunk, told SCMagazineUK.com that as the threats against Swift are becoming more and more sophisticated, it's clear that banks need to refine their approach to security to protect themselves.
“As Swift runs on the banks' own infrastructure, it's their responsibility to protect it. However, there is a need for guidelines to be set in place for the full banking ecosystem. The customer security programme put in place by SWIFT is a first step in the right direction of establishing these guidelines,” he said.
James Parry, Technical Director at Auriga, told SC that what Alan Desausoi is advocating here by asking Swift customers to be more vigilant and act as the eyes and ears of the system.
“But is this too adhoc? The danger is that the security of the network will rely on the least vigilant entity. A more comprehensive approach would be to provide guidance and a framework on how intelligence on suspicious activity can be escalated and in my mind that suggests there needs to be some sort of automated alert mechanism,” he said.