SWIFT Software Likely Compromised By Bangladesh Bank Hackers

Bad news this morning for SWIFT — the rather centrally important global financial platform. According to Reuters, cybercriminals who managed to lift $81 million from the Bangladesh central bank earlier this year probably managed that feat by hacking SWIFT’s software. That, at least, is the opinion of security researchers at British defense contractor BAE Systems.

Owned by a federation of 3,000 FIs, SWIFT has confirmed the existence of malware targeting its client software and has promised a release today (April 25) of software designed to counteract the malware. According to SWIFT spokeswoman Natasha Deteran, the cooperative will also issue a special warning for financial institutions to scrutinize their security procedures.

Deteran further noted that the software update exists “to assist customers in enhancing their security and to spot inconsistencies in their local database records.”

The warning comes as researchers at BAE are planning to go public with a blog post detailing what they think they have discovered about malware that the Bangladesh bank attackers used to manipulate SWIFT client software known as Alliance Access.

All in, the heist stripped $951 million from the Bangladesh central bank’s account at the NY Fed.

Most of that was blocked, but $81 million did manage to make its way to the Philippines and into casinos, where, so far, it has remained MIA.

Deteran reiterated on Sunday that “the malware has no impact on SWIFT’s network or core messaging services.” The SWIFT messaging platform is used by 11,000 banks and FIs, only some of which use the Alliance Access software.

“Whilst we keep all our interface products under continual review and recommend that other vendors do the same, the key defense against such attack scenarios is that users implement appropriate security measures in their local environments to safeguard their systems,” Deteran said.

Adrian Nish, BAE’s head of threat intelligence, noted that this was an extremely well-thought-out and unique attempt at hacking.

“I can’t think of a case where we have seen a criminal go to the level of effort to customize it for the environment they were operating in,” he said. “I guess it was the realization that the potential payoff made that effort worthwhile.”