JPMC Reduces Some Employees’ Access To SWIFT System

According to Wall Street Journal reports, JPMorgan Chase has limited access to the SWIFT interbank messaging service for some of its employees following a set of breaches in Southeast Asian banks.

Though SWIFT has, thus far, maintained that its network has not been compromised by the recent attacks on customer sites, it has urged banking customers to “urgently review controls in their payments environments to all their messaging, payments and eBanking channels.”

JPMC is the first big bank to show signs of concern about the general security of access to SWIFT, particularly the risk of malware being implanted.

“The system is widely perceived by banks as being secure, but these incidents have shaken their beliefs and are raising the same kinds of identification questions that have arisen with spoofed emails and other systems,” said Michael McGowan, anti-money laundering and compliance technology leader at cybersecurity firm Stroz Friedberg.

The move follows attacks on a commercial bank in Vietnam in December and a hack on the Bangladesh central bank in May that left $81 million missing in action. In both hacks, the thieves obtained access to the banks’ SWIFT credentials and then used them to post fraudulent payment instructions.

In the Bangladesh heist, thieves tried to steal $1 billion but made off with $81 million that has yet to be traced.

The cybercriminals behind the two attacks have not yet been identified. Forensic experts from California-based cybersecurity firm FireEye have found markings of at least three different hacking collectives in the Bangladeshi bank’s systems. FBI investigations into the hack have indicated that at least one bank employee was likely in on the job, though other investigators have questioned whether or not an inside man had a role to play.

The attacks have brought sharper focus on the SWIFT system, with experts universally agreeing that SWIFT should be connected through a standalone computer system that is not attached to the open Web, thus making it harder for malware to infiltrate.