WASHINGTON • Investigators are examining possible computer breaches at as many as 12 banks that have irregularities similar to those in the theft of US$81 million (S$111.5 million) from the Bangladesh central bank, according to a person familiar with the probe.
The institutions are all linked to Swift's global payments network.
FireEye, the security firm hired by the Bangladesh bank, has been contacted by the other banks, most of which are in South-east Asia, the person said. They include banks in the Philippines and New Zealand but not in Western Europe or the United States. There is no indication of whether money was taken.
The expansion of the investigation four months after the discovery of the Bangladesh attack, the biggest known cyberheist in history, suggests a broad and serious campaign to breach the international financial system. FireEye declined to comment on the report.
Swift said in a statement: "The emergence of new possible instances of compromise is not entirely surprising, given that banks should now be undertaking rigorous reviews of their environments.
"Many may turn out to be false positives... but it is key that these reviews take place and banks' environments are secured."
SECURITY REVIEWS VITAL
Many may turn out to be false positives... but it is key that these reviews take place and banks' environments are secured.
SWIFT, in a written statement on the international financial breaches linked to its global payment network.
Swift has come under increasing pressure from its bank customers to ratchet up its security measures to prevent future cyber robberies.
In the Bangladesh case, the Federal Reserve Bank of New York was tricked by fake Swift messages into wiring money it held for the country to hacker-controlled accounts in the Philippines. The Fed's systems halted an additional US$850 million the attackers tried to obtain.
Hackers also stole US$12 million from an Ecuadorean bank in January last year, and tried but failed to move about US$1.2 million from a Vietnamese lender.
The interbank cooperative, whose full name is the Society for Worldwide Interbank Financial Telecommunication, has warned that there may have been more breaches than the three already publicly identified.
Hackers may have targeted even more banks, Swift chief executive Gottfried Leibbrandt said this week, in a speech outlining plans to improve network and client defences. He did not provide any details about which banks may have been targeted or whether their defences had been breached.
"Banks that are compromised like this can be put out of business," said Mr Leibbrandt.
He added that Swift, which connects 11,000 financial institutions that send about 25 million messages a day, will try to increase information sharing among clients, raise security requirements for the software they use, and help them conduct security audits.