swiftknowledgebase100662402orig
Security

SWIFT brings in external support as it fights wave of bank hacks

SWIFT is bringing in additional security support after a series of high-profile bank heists and attempted bank heists conducted via its financial transaction network.

The company has hired two security firms, UK-based BAE Systems and Fox-IT Security of the Netherlands, to help its customers strengthen their security, it said Monday.

SWIFT's network itself has not been breached in the recent attacks, but bank systems connected to it have been hacked in a number of high-profile incidents over the last year, the most spectacular of which almost led to the loss of US$1 billion from Bangladesh Bank.

BAE Systems knows SWIFT's network well, having published independent reports on the recent attacks, in particular one against a bank in Vietnam. Intriguingly, it also found a link with the 2014 attack on Sony Pictures.

Since those attacks came to light, SWIFT has implemented a new security program for customers, in an effort to educate them that their security systems are just as crucial as its own in preventing the abuse of the SWIFT network to misappropriate their funds.

It is conducting forensic investigations at banks that have suffered SWIFT-related attacks, and sharing the information, in anonymized form, with other banks. Among the information-sharing initiatives are catalogs of the malware involved in the attacks and of key "indicators of compromise" -- think "Eight signs you're having a heart attack" written for the IT department.

SWIFT has also set up a dedicated team to focus on forensics and customer security intelligence, which will work with the two security firms hired Monday.

None of these information-sharing initiatives will work unless there is information to share. SWIFT took the opportunity to remind its customers Monday that they are contractually obliged to inform SWIFT in the event of an attack on their systems -- even if the attack does not succeed.

IDG Insider

PREVIOUS ARTICLE

« New Relic adds support for Golang, SPA monitoring

NEXT ARTICLE

Gotta catch 'em all: 5 facts that prove Pokémon Go is eating the world »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?