SWIFT-ly goes the money

Safe as “money in the bank”? Well, guess again. Even the banks’ secure SWIFT system for transferring funds is not so safe anymore.

Hacker thieves have recently stolen nearly $100 million from several banks. They did this not by physically robbing the buildings but by penetrating the online security of the impacted banks and subverting the security of the SWIFT money transfer system.

Follow the money

The hackers’ prime target is the SWIFT financial messaging service. Described by Bloomberg as the “Gmail of global banking”, SWIFT processes 25 million financial communications every day. A cooperative owned by 3,000 banks, SWIFT is short for the Society for Worldwide Interbank Financial Telecommunication. An attack on, or a vulnerability within, the SWIFT system goes to the core of our interconnected world.

What did the bad guys do this time?

Hackers have stolen nearly $100 million from several banks by misusing the SWIFT system. They essentially emailed banks instructions for transferring the funds, then had the printed records of the transaction altered to cover their tracks. The largest single theft of $81 million was made by sending a bogus – but certified – message to the Federal Reserve Bank of New York from the Bangladesh central bank. Another attack on a Vietnamese bank was just thwarted. Last year, a similar attack got hackers more than $12 million from a bank in Ecuador. And there are more suspected attacks, which investigators are now uncovering.

From pointing fingers to helping hands from SWIFT

With millions already stolen, there is a lot of finger pointing going on in the SWIFT world. SWIFT has already reminded people that a SWIFT user is “responsible for the security of its own systems interfacing with the SWIFT network and their related environment – starting with basic password protection practices.” At the end of May, Gottfried Leibbrandt, the CEO of SWIFT, pointed out that “SWIFT is not all-powerful, we are not a regulator, and we are not a policeman; success here depends on all the stakeholders in and around the industry.”

But he has hinted that a new five-part customer security program will be coming. Ahead of SWIFT’s official list, here are five security points gleaned from the ongoing SWIFT debate which are applicable to ordinary computer users.

  1. Control access and authorization rights – Who has access rights to your device? Do you have two-factor authentication in place? There is a reason why both SWIFT and the robbed bank are complaining about weak password policies. Use two-factor authentication whenever possible, whether it is with Avira Online Essentials, LinkedIn, or your bank.
  2. Stay updated – The debate is raging over the security of some of the software used in the SWIFT system. What about the software on your device? Are you fully updated and patched against the latest exploit kit attacks?
  3. Have a firewall in place – A firewall – either the software or hardware variant – restricts communication between your device and the wider internet to specific ports. The Bangladesh bank reportedly had no firewall in place. Windows now comes with a firewall included and there are free options out there on the market. Get one of them.
  4. Be suspicious – If something looks odd in an online account or email – be suspicious and careful. Don’t click. A theft of just under one billion dollars was stopped solely because someone was suspicious about a grammatical error in the transfer request.
  5. Share insights – Avira is already doing this for you internally by analyzing malware in its Avira Protection Cloud and externally with the larger security community through its active participation in VirusTotal.

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.