SWIFT Network Used to Steal $90 Million

Earlier this year, cybercriminals took $81 million from the Bangladesh Central Bank’s account at the New York Federal Reserve.

The attackers were able to pull this off by hacking the Bangladeshi bank’s database and using it to communicate through the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network.

This mirrors an attack early last year in which $9 million was stolen from an Ecuador bank account through fraudulent SWIFT messages.

Investigations into this crime showed that banks face demanding data security problems when they use SWIFT.

In operation for more than 40 years, SWIFT is used by more than 11,000 institutions in 200 countries around the world. According to some estimates, these banks sent out 25 million messages daily in April of this year alone.

Cybercriminals took $81 million from the Bangladesh Central Bank’s account at the New York Federal Reserve through fraudulent messages on the SWIFT network.

SWIFT is used by banks or people who wish to send money internationally. These consumers use 8-character codes to verify transactions and make them more secure.

Investigators have not found out how the attackers were able to penetrate the banks’ networks. While there are similarities to previous attacks on other institutions, these attacks seem to be more advanced.

The hackers were able to steal the funds directly, rather than just the data that would give access to the accounts. These funds were then sent to fake accounts that were promptly emptied by the attackers.

The attackers of the Bangladeshi bank employed a more sophisticated attack, though. Their malware was able to erase the records for the fake messages that were used, intercept other communications from the recipient bank, and manipulate account balances and printouts of the fraudulent transactions.

While this debacle is a nightmare for the institutions involved, it could have been much more horrendous. The attackers originally tried to transfer more than $950 million, but most of the transfers were blocked – aside from the $81M.

When the cybercriminals penetrated the bank’s computer systems after banking hours, they searched for their cancelled transfers, changed them back to their liking, and reissued the transfers. These transactions were then confirmed by the receiving banks, resulting in the successful transfers.

While the bank auditors were able to pinpoint the fraudulent transfers a few days after the heist, only $2.7M of the $12M stolen was returned.

Gottfried Leibbrandt, SWIFT’s CEO, said the hacking of the Bangladeshi bank was a “watershed moment” that should lead to banks working much harder on their collective defensive efforts.

He added that “cyber risk is big: there will be more cyber-attacks and inevitably some will be successful.”

SWIFT’s former CEO, Leonard Schrank, called the SWIFT-related attacks on the banks a “huge wakeup call,” urging banks to improve their computer and Internet security systems, and pushing for more stringent transaction confirmation methods.

SWIFT announced that “strategic initiatives” will be implemented. These include a requirement for SWIFT users to report any security-related incidents; an expansion of 2-factor authentication of SWIFT messages; security and audit baseline enhancements for participating parties; an increase in anomaly detection and stop-payment controls; and the support of third parties in assisting with the implementation of security measures.
