“Better shape up” SWIFT tells banks with weak cyber security procedures, in wake of recent attacks
The SWIFT (Society for Worldwide Interbank Financial Telecommunication) network has warned banks that it expects them to deliver an “operational baseline” of appropriate security measures.
SWIFT repeated that the recent attacks did not compromise its system, but each successful attack was because the bank concerned suffered a series of security breaches within its locally managed infrastructure. And SWIFT wants the banks to take their security much more seriously, and will remove banks with weaker cyber defences.
“While SWIFT customers have individual responsibility for the security of their environments, we are fully committed to deploying SWIFT’s knowledge and expertise to help customers in the fight against cyber-attacks,” it said, before warning the banks that they need to bring their security procedures up to speed.
“SWIFT’s customer security programme will clearly define an operational and security baseline that customers must meet to protect the processing and handling of their SWIFT transactions. SWIFT will also continue to enhance its own products and services to provide customers with additional protection and detection mechanisms, and in turn help customers to meet these baselines.”
Going forward, SWIFT will pursue five strategic initiatives. First it will improve information sharing amongst the normally secretive banking community and will “require” more information from its customers, and share relevant information back with the community.
Second it will enhance SWIFT related tools for customers, including increasing the remote monitoring capabilities of customer environments and tougher authentication processes.
Thirdly it will enhance operational guidelines and provide audit frameworks. Fourthly it would explore the feasibility of tools that would detect anomalies on its own network, and finally it would enhance support by third party providers.
“The security of global banking can only be ensured through a collaborative approach between SWIFT, its customers, overseers, and third party suppliers,” it said. “We are fully committed to doing everything we can to help keep global banking safe.”
SWIFT’s decision to enhance the security processes surrounding its network have been welcomed by many experts.
“The news that Swift will not work with any banks with sub-standard security standards will be welcomed by the public, but also worry many financial institutions,” said Richard Brown at Arbor Networks.
“This announcement from Swift will hopefully force banks to take even further steps to proactively assess and improve their security posture. The financial services industry is one of the best at sharing threat intelligence and organisations such as CERT-UK are promoting this across different verticals. This style of collaborative approach against cybercriminals will be far more effective than each individual organisation fighting their own battle.”
“I hope this development represents a new chapter for Swift, understanding that good security posture of their payment ecosystem is reliant on more than just a ‘secure’ application,” he said. “It’s also essential that the network and devices where the systems reside are as secure as possible – with users trained to spot and report anomalies as quickly as possible while following a well-defined set of security practices.”
“Minimum cybersecurity standards should be welcomed across the industry, but the risk of driving people to unsafe channels is real. SWIFT need to help educate organisations and support them to meet the minimum network standards.”
It was back in February when the attackers launched the attack and manage to pocket at least $81 million (£57m) from the account of Central Bank of Bangladesh, located at the Federal Reserve Bank of New York. The attack is thought to be one of the largest bank robberies in history.
At the time, it was reported that the attackers had managed to gain access to the Bangladesh network via cheap and unpatched routers. But in April, IT security researchers at military contractor BAE Systems said that the attackers had compromised SWIFT’s software. In fact, the attackers exploited other avenues to exploit SWIFT.
Brussels-based SWIFT said it was aware of malware targeting its client software and had released a patch. It also warned of other attacks on its network that had resulted in fraudulent messages being sent over its system.
SWIFT insists that the incidents didn’t involve any compromise of the network itself, but rather seem to have been carried out by attackers who obtained valid credentials from financial institutions and used these to impersonate authorised individuals.
How much do you know about hackers and viruses? Take our quiz!