Hackers have managed to bypass the security of the financial messaging system SWIFT and steal money from an unidentified commercial bank. Apparently, the feat is part of a larger plan to attack the global banking system.
SWIFT is a relatively secure system to move money from one bank to another across the world. SWIFT was once more broken into in February when $81 million vanished from the Bangladesh’s central bank. At the time, hackers forced the Federal Reserve Bank to move the funds to an undisclosed location in the Philippines.
The latest heist targeted a commercial bank. SWIFT refused to provide details on the entity’s identity, but it said that the two attacks are so similar that investigators believe that they may be part of a larger, ‘highly adaptive’ scheme to target banks.
SWIFT unveiled the robbery in a letter issued Friday. The group also noted that the robbers somehow managed to obtain legit credentials to log in the network, start the illegal transfers, and infect the bank’s system with malware to cover their traces.
Some cyber security experts believe that such attacks are rarely traced or solved. SWIFT suspects that the attackers may have received insider help or they may have compromised the bank system’s through a series of cyber attacks or both. SWIFT said that hackers had “deep and sophisticated knowledge” of the bank’s operations.
Experts think that attackers might have entered the bank’s system and studied it for months before attacking. SWIFT is now worried that this has happened with help from some of the bank’s employees.
Fortunately, in both attacks, SWIFT’s core messaging platform remained intact. Instead hackers targeted only the bank’s side of the system. Experts explained that each bank needs to secure its own SWIFT connections, but that makes them more vulnerable. Hackers often exploited weak security in individual banks to grab key SWIFT data and credentials.
It is not the first time hackers target a bank and manage to get away with it. In 2014, 83 million JPMorgan Chase accounts were compromised, yet no cash was withdrawn. Every day, thieves steal bank customers’ credit card data and money from ATMs.
But SWIFT attacks are the most significant because in a single attack millions of dollars belonging to the banks can vanish without a trace. These attacks are the modern version of a bank vault robbery.
Image Source: Pixabay