The Brussels company, Swift, has been battered by a series of cyber thefts that have hit banks in Ecuador, Vietnam, Bangladesh and Ukraine in the past 18 months. Swift is the largest money-transfer system in the world.
Swift has finally hired a pair of information-security firms to help it scrutinize customers’ use of its systems and detect attempted hacks. They have repeatedly said the core of its network remains uncompromised and it is the responsibility of its users to maintain the integrity of their systems. It now seems to be addressing the increasing concerns about its inability to ensure the security of its user interface and the authenticity of its message traffic.
Hackers stole $9 million from a bank in Ecuador last year and a breath taking $81 million in a brazen attack on Bangladesh’s central bank in February 2016. In those cases Swift credentials and fraudulent payment instructions were sent over the Swift Network.. Swift had announced a series of stepped-up security procedures in May, including possible audits of customer security.
Under the new customer security program, Swift has been gathering information about the breaches and feeding information back to its user community. The company said its “information sharing initiative has grown significantly since its launch, and now includes detailed intelligence and analysis on the modus operandi of attackers in recent customer fraud cases.”
Swift also said it had published for users an inventory of specific malicious software being used in the attacks and signs of possible intruders called “indicators of compromise” to help customers detect attackers.The company’s network serves more than 11,000 institutions looking to move money around the world and carries more than 25 million messages a day on average.
BTW – Swift stands for the Society for Worldwide Interbank Financial Telecommunication,