New Bank Hacks Revealed as Financial Institutions Urged to Improve Security
The international bank communications organization is telling banks to upgrade.
— -- The operator of the messaging system that connects thousands of banks around the world has revealed new attempts to hack member banks that have taken place since the digital heist of $81 million from Bangladesh Bank in February.
The disclosure, which took the form of a letter sent by SWIFT to member banks, reportedly on Tuesday, comes as a group of senators pressure the Obama administration to make cybersecurity -- particularly as it pertains to financial institutions -- a priority at this weekend’s G20 Summit in China.
SWIFT (Society for Worldwide Interbank Financial Telecommunication) -- which connects over 11,000 banks in over 200 countries -- would reveal neither which banks were affected nor where they were located, but in an email to ABC News said that “the targeted customers varied in size and geography,” and that the hackers were “tailoring every attack to each individual target.”
Pressuring banks to bolster their digital defenses, SWIFT said in a statement summarizing the letter that the targeted banks “all had particular weaknesses in their local security,” and that the SWIFT system itself has not been affected.
“These weaknesses have been identified and exploited by the attackers, enabling them to compromise the [banks’] local,” networks and send fraudulent messages over the SWIFT messaging system, the organization said.
Fraudulent messages could be used to initiate unauthorized and illegal transactions, as was the case in February, when hackers reportedly took $81 million belonging to Bangladesh Bank from an account held with the Federal Reserve Bank of New York.
News of the new hack revelations was first reported by the Reuters news agency, which said that the letter was part of an effort to get banks to update their software in wake of the attack on Bangladesh Bank.
SWIFT was having trouble getting banks to upgrade their systems, according to Reuters, which also noted that the letter warned banks that they may be reported to regulators if they do not upgrade by Nov. 19.
Attacks similar to the one on Bangladesh Bank have also occurred at Ecuador's Banco del Austro, which saw $12 million stolen, according to Reuters.