The Society for Worldwide Interbank Financial Telecommunication (SWIFT) interbank messaging systems has been under serious attack over the last few months and the threat of more attacks remain high. In February 2016, a motivated and competent threat actor managed to withdraw $81 million from an account at the US Federal Reserve that belonged to the Bangladesh Bank. The attack originated at the Bangladesh Bank in Dhaka, where criminals had successfully compromised the banks’ systems.
Threat & Analysis
This is not the first time that the SWIFT system has been breached. In the final quarter of 2015, criminals attempted to withdraw $1.1 million from the Hanoibased Tien Phong Bank in Vietnam2. On that occasion the bank realized that the requests were fraudulent and halted the transfer. No losses were incurred. The most recent exploit of the SWIFT messaging service occurred in Ukraine. In late June 2016, it was reported that criminals reportedly stole $10 million from an unnamed Ukrainian bank.
The Information Systems Audit and Control Association (ISACA), an independent IT monitoring organization, claimed that the targeted bank had been compromised in a manner similar to the Bangladesh Bank heist. Whilst we can observe a good number of successful attacks against the SWIFT system, our analysis show that most attackers exploit weaknesses within the target bank and its network. Malicious actors have been exploiting the publicly available information to target specific systems within banks. It is apparent that most enterprises including banks do not have a good understanding of their real threat surface.
[To read the remainder of the report, please fill out the form to get your free copy]