Bank hackers now more sophisticated, warns Swift

LONDON/BOSTON • Cyber attacks targeting the global bank transfer system have succeeded in stealing funds since February's heist of US$81 million (S$115.6 million) from the Bangladesh central bank, as hackers have become more sophisticated in their tactics, according to a Swift official and a previously undisclosed letter the organisation sent to banks worldwide.

The messaging network in a Nov 2 letter warned banks of the escalating threat to their systems, according to the letter.

The attacks and new hacking tactics underscore the continuing vulnerability of the Swift messaging network, which handles trillions of dollars in fund transfers daily. "The threat is very persistent, adaptive and sophisticated - and it is here to stay," Swift said in the November letter to client banks.

The disclosures provide fresh evidence that Swift remains at risk of attacks nearly a year after funds were stolen from a Bangladesh Bank account at the Federal Reserve Bank of New York.

The unprecedented cybertheft prompted regulators around the globe to tighten bank security requirements, amid a global investigation by the Federal Bureau of Investigation, the Bangladesh authorities and Interpol.

Banks using the Swift network, which include both central banks and commercial banks, have been hit with a "meaningful" number of attacks - about a fifth of them resulting in stolen funds, since the Bangladesh heist, Mr Stephen Gilderdale, head of Swift's Customer Security Programme, told Reuters in an interview last Thursday.

"In all of these cases, attackers are suspected of trying to replicate the modus operandi of the Bangladesh attackers," he said.

Swift, a Belgium-based cooperative owned by its user banks, had previously disclosed hacks of three Swift users since February but said those did not lead to the loss of funds. Swift's letter to customers warned that hackers have refined their methods for compromising local bank systems.

One new tactic, the letter said, involved using software that allows technicians to access computers to provide technical support.

The intrusions had been detected in a variety of ways, Mr Gilderdale said. In some cases, clients' antivirus software had identified malware. In others, a new feature on software Swift provides to clients alerted Swift directly of an attempted manipulation of a client's system. In one case, a financial regulator had notified Swift of an attempted attack.


A version of this article appeared in the print edition of The Straits Times on December 14, 2016, with the headline 'Bank hackers now more sophisticated, warns Swift'. Print Edition | Subscribe