Hackers may have breached 12 more banks

The Bangladesh central bank building in Dhaka. The irregularities found in the 12 banks were similar to those involving the theft of US$81 million (S$111.5 million) earlier this year from the Bangladesh central bank.
The Bangladesh central bank building in Dhaka. The irregularities found in the 12 banks were similar to those involving the theft of US$81 million (S$111.5 million) earlier this year from the Bangladesh central bank.PHOTO: REUTERS

Probe linked to Swift network widens, with institutions affected so far mostly in S-E Asia

WASHINGTON • Investigators are examining possible computer breaches at as many as 12 banks that have irregularities similar to those in the theft of US$81 million (S$111.5 million) from the Bangladesh central bank, according to a person familiar with the probe.

The institutions are all linked to Swift's global payments network.

FireEye, the security firm hired by the Bangladesh bank, has been contacted by the other banks, most of which are in South-east Asia, the person said. They include banks in the Philippines and New Zealand but not in Western Europe or the United States. There is no indication of whether money was taken.

The expansion of the investigation four months after the discovery of the Bangladesh attack, the biggest known cyberheist in history, suggests a broad and serious campaign to breach the international financial system. FireEye declined to comment on the report.

Swift said in a statement: "The emergence of new possible instances of compromise is not entirely surprising, given that banks should now be undertaking rigorous reviews of their environments.

"Many may turn out to be false positives... but it is key that these reviews take place and banks' environments are secured."

SECURITY REVIEWS VITAL

Many may turn out to be false positives... but it is key that these reviews take place and banks' environments are secured.

SWIFT, in a written statement on the international financial breaches linked to its global payment network.

Swift has come under increasing pressure from its bank customers to ratchet up its security measures to prevent future cyber robberies.

In the Bangladesh case, the Federal Reserve Bank of New York was tricked by fake Swift messages into wiring money it held for the country to hacker-controlled accounts in the Philippines. The Fed's systems halted an additional US$850 million the attackers tried to obtain.

Hackers also stole US$12 million from an Ecuadorean bank in January last year, and tried but failed to move about US$1.2 million from a Vietnamese lender.

The interbank cooperative, whose full name is the Society for Worldwide Interbank Financial Telecommunication, has warned that there may have been more breaches than the three already publicly identified.

Hackers may have targeted even more banks, Swift chief executive Gottfried Leibbrandt said this week, in a speech outlining plans to improve network and client defences. He did not provide any details about which banks may have been targeted or whether their defences had been breached.

"Banks that are compromised like this can be put out of business," said Mr Leibbrandt.

He added that Swift, which connects 11,000 financial institutions that send about 25 million messages a day, will try to increase information sharing among clients, raise security requirements for the software they use, and help them conduct security audits.

BLOOMBERG

A version of this article appeared in the print edition of The Straits Times on May 28, 2016, with the headline 'Hackers may have breached 12 more banks'. Print Edition | Subscribe