Photographee.eu - Fotolia

Swift reports another Bangladesh central bank-style cyber attack

Global financial messaging organisation Swift warns of a highly adaptive cyber criminal campaign targeting banks with user credentials to submit transfer requests

Another bank has been targeted by cyber criminals in a similar way that led to the theft of $81m from the Bangladesh central bank’s account at the Federal Reserve Bank of New York in February 2016.

The Society for Worldwide Interbank Financial Telecommunication (Swift) said the target of the latest attack was a commercial bank, but did not name it or give any other details.

The attackers exhibited a “deep and sophisticated knowledge of specific operational controls” at the bank and may have been aided by “malicious insiders or cyber attacks, or a combination of both,” Swift said in a statement.

According to Swift, investigators said this latest incident shows that the Bangladesh heist was not a single occurrence, “but part of a wider and highly adaptive campaign targeting banks".

In both cases, Swift said it appeared that insiders or cyber attackers had obtained user credentials and submitted fraudulent money transfer requests.

Commenting on the first case, Justin Harvey, chief security officer at Fidelis Cybersecurity said it showed how critical it was to protect corporate credentials.

“Those with powerful access rights within an organisation are an easy target for hackers and, if compromised, this can have a devastating impact on any company – financially and in terms of reputation,” he said.

Read more about cyber crime

Misspelling prevents $1bn loss

In the latest case, the cyber criminals used malware to manipulate PDF document reports confirming the messages to hide their tracks, said Swift.

In February, cyber attackers managed to get four transfers totalling $81m through, but a fifth was blocked because the hackers misspelt the word “foundation” as “fandation” when trying to transfer $20m to an account supposedly held by an organisation called the Shalika Foundation, which is not officially listed in Sri Lanka.

The Bangladesh central bank halted the transaction when the typo led to a query seeking clarification by a routing bank, Deutsche Bank.

The query, combined with an alert from the New York Federal Reserve about the unusually large number of requests, led the Bangladesh bank to halt all the other transactions initiated by the cyber criminals that would have netted a further $870m, which would have brought the total close to $1bn.

Pledges of collaboration

Representatives of the New York Fed, Bangladesh Bank and Swift met in Basel, Switzerland on 10 May 2016 to discuss the February heist.

The parties provided details on the actions taken and exchanged information about the cyber and physical vulnerabilities illustrated in the event.

All parties stated their concern and their continued commitment to work together to normalise operations.

They also agreed to work together to recover the money, bring the perpetrators to justice and protect the global financial system from these types of attacks.

Swift acknowledged that the scheme involved altering Swift software to hide evidence of fraudulent transfers, but that its core messaging system was not harmed, according to the Guardian.

Swift is a global member-owned co-operative that provides secure financial messaging services that connect more than 11,000 financial services organisations in more than 200 countries and territories.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close