Brussels-based interbank cooperative Swift has told its members to tighten security as it revealed more cyber-attacks against users of its financial messaging network.
As reported by Reuters, Swift sent a private letter to its members warning them that more thefts have occurred and some of these have been successful.
"Customers' environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions," Reuters quoted a copy of SWIFT's letter. "The threat is persistent, adaptive and sophisticated - and it is here to stay."
While it admitted that some banks had lost money it didn't say how much was stolen or how many attempts to steal had been successful. But it said that the successful attempts all had one thing in common – weaknesses in local security that cyber-criminals used to compromise local networks and send fraudulent messages requesting transfers of money.
Swift has been on a mission to get members to bolster security following a US$ 81 million (£62 million) cyber-heist from the Bank of Bangladesh and attacks on other Asian banks. In June, it launched a major security push aimed at defining an operational and security baseline that banks must have to protect Swift transfers.
The Reuters report speculates that cyber-criminals may have ramped up efforts after the Bangladesh robbery. Swift has told banks that it may have to report them to regulators if they fail to meet a 19 November deadline to install the latest version of its software. This update patches against the latest round of attacks.
Lev Lesokhin, executive vice president of Strategy and Analytics at CAST, told SCMagazineUK.com that the attacks were “almost entirely avoidable with the right controls in place”.
“IT Security and the underlying software quality are interlinked. If a closer look at the network beyond their walls, yet still within their grasp, was taken, they would have seen that something was not quite right,” he said.
Brian Spector, CEO at MIRACL, told SC that verifying people's identities is the only way to securely enable the multitude of digital transactions taking place on SWIFT systems worldwide.
“All too often, bad actors orchestrate attacks of this magnitude by stealing employee credentials – usually just a username and password. Attackers know that when a password, irrelevant of how complex the password may be, is successfully stolen, the attacker can get access to internal systems, gaining access to financial controls and making away with some eye-watering thefts,” he said.