atans1

Cyberattacks on global payments system

In Banks, Internet on 22/05/2016 at 11:01 am

NYT Dealbook

SWIFT REPORTS A NEW ATTACK Thieves have found their way into the Swift global bank network as investigators are still trying to solve the $81 million heist from the central bank of Bangladesh, Michael Corkery reports in DealBook.

The second attack involved a commercial bank, which Swift declined to identify. In a letter it planned to send to users on Friday, which The New York Times reviewed, Swift warned that the two attacks bore similarities and were likely part of a “wider and highly adaptive campaign targeting banks.”

Banking experts said the attacks might be impossible to solve or trace. Swift said the thieves got their hands on legitimate network credentials, initiated the fraudulent transfers and installed malware on bank computers to disguise their movements.

The attackers clearly exhibit a deep and sophisticated knowledge of specific operation controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyberattacks, or a combination of both,”Swift said. It also warned that the gang of thieves may have been able to recruit bank employees to hand over credentials.

Security experts who have studied the attacks said the thieves were probably lurking inside the bank systems for months before they were detected and are likely to strike again.

Swift’s core messaging system was not breached, but the criminals attacked the banks’ connections to its network. Banks are responsible for maintaining the security of their own connections to Swift and digital criminals have found ways to exploit loopholes in bank security to obtain login credentials and dispatch fraudulent Swift messages.

This second attack suggests a highly sophisticated threat that did not depend on weak digital defenses.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: