lolloj - Fotolia

Swift warns banks of fresh wave of cyber heists

An undisclosed number of banks have been targeted and some have lost money in a new wave of cyber thefts, Swift has warned

Secure financial messaging service Swift has warned member banks of a fresh wave of attempted and successful cyber heists.

It urged banks to comply with security measures introduced after the theft of $81m from an account belonging to the Bangladesh central bank in February 2016, reports Reuters.

Security measures recommended by Swift include stronger systems for authenticating users and updates to software for sending and receiving transaction messages.

The heist was part of a wider campaign that would have netted the cyber thieves almost $1bn if a typo had not alerted bank officials, who managed to block a further fraudulent transaction of $870m.

Swift subsequently acknowledged that the heist involved altering Swift software to hide evidence of fraudulent transfers, but it said its core messaging system was not harmed.

The company said the cyber criminals had obtained user credentials to submit fraudulent money transfer requests and used malware to manipulate PDF document reports to cover their tracks.

In a letter to clients, Swift said new cyber heists had emerged since June 2016, when it alerted customers to other cyber attacks that appeared to be linked to the Bangladesh central bank heist.

It warned that banks’ systems had been compromised and that an unspecified number of attempts had been made to send fraudulent payment instructions.

“The threat is persistent, adaptive and sophisticated – and it is here to stay,” Swift said.

It added that some banks targeted in the new attacks had lost money, but did not say how much or name any of the banks.

However, Swift said all the targeted banks had security weaknesses that had been exploited to compromise local networks and send fraudulent messages requesting money transfers.

The company has set a deadline of 19 November for customers to install the latest version of its financial messaging software, which has improved security controls, and has threatened to report non-compliance to banking regulators.

Read more about cyber crime

Banks and other financial institutions face an era of mega cyber heists, according to threat researchers in the financial sector.

Elite cyber criminal groups are investing heavily in penetrating high-value payment platforms, high-value corporate and banking networks, and payment processes such as Swift.

“Hackers targeting financial institutions are much more professional than they used to be,” said Troels Oerting, group chief security and information security officer at Barclays and former head of Europol’s European Cybercrime Centre (EC3).

“They take their time, they look at the processes, they have good resources, they are very adaptive, and they are more dedicated to going after bigger prizes rather than going after easier targets with smaller prizes,” he told Computer Weekly.

These elite groups typically use social engineering and spend a lot of time identifying who in a bank has privileged access to payment platforms to target them exclusively to steal their login credentials.

As part of this process, criminals are using high-tech tools for big data analysis and social mining, said Oerting, unfettered by the privacy regulations that defenders have to work within.

Adversaries are using a wider range of techniques, from detectable malware to complex database manipulation and human behaviour-mimicking components, threat researchers have found.

 “These, used in combination with stolen user credentials, pose a significant challenge to traditional security systems, which are no longer adequate to deal with the threat,” said Oerting.

A new approach is needed in view of the fact that malware is now being designed to operate at the service or application level, he said. .................................................

Read more on Hackers and cybercrime prevention