- Messaging network to increase software security requirements
- Swift to demand more client information and will share it
Hackers may have targeted more banks than have been previously reported, according to prepared remarks by the chief executive officer of Swift, the global interbank messaging system is set to give on Tuesday.
The Society for Worldwide Interbank Financial Telecommunication will increase security requirements for the software clients use and help clients conduct security audits, the network’s chief executive officer, Gottfried Leibbrandt, will tell an audience at the European Financial Services Conference in Brussels, according to prepared remarks of the speech, which is slated to be delivered Tuesday.
Leibbrandt’s speech comes after hackers exploited weaknesses in how banks connect to the network to steal $81 million from Bangladesh’s central bank in February and $12 million from an Ecuadorean bank in January 2015. An attack late last year on a Vietnamese lender was foiled.
"The Bangladesh fraud is not an isolated incident: we are aware of at least two, but possibly more, other cases where fraudsters used the same modus operandi, albeit without the spectacular amounts," according to the speech. "The banks were compromised, credentials to payment generation systems were obtained to send fraudulent payments and the statements/confirmations from their counterparties were obfuscated."
The network will introduce certification requirements for vendors that help some banks connect to the network and may help banks use pattern recognition to identify suspicious behavior, he will say.
In the Bangladesh case, the Federal Reserve Bank of New York was tricked by fake Swift messages into wiring money held for the impoverished country to hacker-controlled accounts in the Philippines. The Fed’s systems halted an additional $850 million the hackers tried to have transferred.
Swift plans to provide more details on its new security program for customers on Thursday.