Security & Fraud

JPMC Reduces Some Employees' Access To SWIFT System

According to Wall Street Journal reports, JPMorgan Chase has limited access to the SWIFT interbank messaging service for some of its employees following a set of breaches in Southeast Asian banks.

Though SWIFT has, thus far, maintained that its network has not been compromised by the recent attacks on customer sites, it has urged banking customers to “urgently review controls in their payments environments to all their messaging, payments and eBanking channels."

JPMC is the first big bank to show signs of concern about the general security of access to SWIFT, particularly when it comes to implanting malware.

“The system is widely perceived by banks as being secure, but these incidents have shaken their beliefs and are raising the same kinds of identification questions that have arisen with spoofed emails and other systems,”‎ said Michael McGowan, anti-money laundering and compliance technology leader at cybersecurity firm Stroz Friedberg. ‎

The move follows attacks on a commercial bank in Vietnam in December and a hack on the Bangladesh central bank in May that left $81 million missing in action. In both hacks, the thieves obtained access to the banks' SWIFT credentials and then used them to post fraudulent payment instructions.

In the Bangladesh heist, thieves tried to steal $1 billion but made off with $81 million that has yet to be traced.

The cybercriminals behind the two attacks have not yet been identified. Forensic experts from California-based cybersecurity firm FireEye have found markings of at least three different hacking collectives in the Bangladeshi bank's systems. FBI investigations into the hack have indicated that at least one bank employee was likely in on the job, though other investigators have questioned whether or not an inside man had a role to play.

The attacks have brought sharper focus on the SWIFT system, with experts universally agreeing that SWIFT should be connected through a standalone computer system that is not attached to the open Web, thus making it harder for malware to infiltrate.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.

Click to comment