UK banks ordered to review their cyber security measures after the SWIFT Bank Bangladesh heist
The Bank of England (BoE) has ordered British banks to carry out a security review of systems connected to the SWIFT (Society for Worldwide Interbank Financial Telecommunication) network following the attack on the Central Bank of Bangladesh.
Attackers launched the attack back in February, managing to pocket at least $81 million (£57m) from its account located at the Federal Reserve Bank of New York. The attack is thought to be one of the largest bank robberies in history.
At the time, it was reported that the attackers had managed to gain access to the Bangladesh network via cheap and unpatched routers. But in April, IT security researchers at military contractor BAE Systems said that the attackers had compromised SWIFT’s software.
Brussels-based SWIFT said it was aware of malware targeting its client software and had released a patch. It also warned of other attacks on its network that had resulted in fraudulent messages being sent over its system.
But SWIFT continues to insist that the incidents didn’t involve any compromise of the network itself, but rather seem to have been carried out by attackers who obtained valid credentials from financial institutions and used these to impersonate authorised individuals. Last week SWIFT warned it had detected another attack against an unnamed commercial bank.
And now the BoE has stepped in with its order, the first time that a central bank of a major economy has ordered its member banks to conduct a formal security review in response to the Bangladesh bank heist.
The BoE apparently ordered UK banks in mid April to detail the steps taken to secure their computers connected to SWIFT, said Reuters, which quoted three people familiar with the matter as its source. The BoE has declined to comment on the matter.
The BoE told banks to conduct a “compliance check” to confirm whether they are following security practices recommended by SWIFT, which the firm recently reissued to members in the wake of the February heist.
Essentially, the BoE wants UK banks to conduct ‘user entitlement reviews’, which ensure that only authorised staff have access to SWIFT applications and the service’s messaging gateway. Banks were also told to review computer logs for digital evidence known as “indicators of compromise,” including IP addresses and email addresses linked to recent attacks.
The Bangladesh Bank attackers were said to have installed malware inside the bank’s Dhaka headquarters that hid traces of their attack in a bid to delay discovery of their attack, so they could access the funds held in New York over a weekend period.
The BoE intervention come amid growing concern of the threats banks face in the increasingly online world.
Kaspersky Lab recently revealed that in 2015 hackers turned to hacking banks directly, rather than targeting end users. It said that more than two dozen large Russian banks were targeted by hacking gangs last year, with the loss of millions of pounds.
Earlier this year Daniel Cohen, head of FraudAction at RSA explained how committing online fraud is just too easy nowadays.
Another expert revealed how it took him (hypothetically) just 20 minutes to breach the computer system of a major bank.
How much do you know about hackers and viruses? Take our quiz!