Swift bank transfer system compromised

In the wake of the disclosure by global financial service provider Swift of a US$81 million ($105.7 million) cyber theft using its inter-bank money transfer system, a CyberArk expert has warned that attacks of this kind are happening all over the world.

Swift has warned its banking customers to upgrade their money transfer software after word of a scheme involving fraudulently transferring money from Bangladesh’s central bank account with the New York Federal Reserve.

The scheme involved modifying Swift’s software running on Bangladesh Bank servers to hide evidence of fraudulent transfers.

Swift disclosed that in most cases, the attackers obtained valid credentials for operators allowed to create and approve Swift messages, then sent fraudulent messages impersonating those people to help perpetuate the fraud.

Commenting on the news, CyberArk Head of Research Labs Andrey Dulkin said such attacks are common.

“Attacks of this nature are happening all over the world. The principles are the same in all of them, in that the attacker is looking to compromise user or application credentials to get to the end goal — in this case, credentials that would enable issuing fraudulent transactions,” he said.

The case proves that not only can operator credentials be compromised, but that certain applications and automated processes credentials can be hijacked and abused as well, Dulkin noted.

“Financial organisations face the threat of such attacks on a regular basis and need to address the core issue of attackers hijacking and abusing legitimate credentials to mitigate the risk of malicious transactions.”

Image courtesy of Bankenverband - Bundesverband deutscher Banken under CC