The February theft of $81 million from Bangladesh Central Bank’s account at the New York Federal Reserve widened further in scope this morning, when officials at the Society for Worldwide Interbank Financial Telecommunication or SWIFT, the exchange network used to transfer cash between banks in different countries, said that it was aware of “a number of cyber incidents” that involved sending fraudulent messages over its network.
The full text of the message was as follows:
“SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions' back-offices, PCs or workstations connected to their local interface to the SWIFT network.”
The consortium also released a security patch on Monday morning to protect its systems from similar attacks in the future. It also explained how the hack attack was carried out in a note this morning. The hackers used credentials for officials responsible for approving SWIFT messages and, subsequently, impersonated them to send out SWIFT transfer messages from New York Fed to accounts in Philippines and Sri Lanka.
FireEye Inc., a Silicon Valley-based security firm, had earlier stated that hackers had breached as many as 32 computers on the Bangladesh Central Bank’s network. According to British security firm BAE Systems, the bank also did not have firewall and used $10 network switches. The firm, which published its findings a couple days ago, said hackers had modified Alliance Access, a software that reads and writes SWIFT messages to the system and updates the Oracle database.
A SWIFT spokeswoman told Reuters that the consortium had made Alliance interface software update mandatory “as it is designed to help banks identify situations in which attackers have attempted to hide their traces -- whether these actions are executed manually or malware.”
Security experts said further investigation into the SWIFT network would reveal more discrepancies and hacks. Shane Shook, a banking security consultant, said hacks on the SWIFT system were enticing "because smaller efforts result in much larger thefts." “It’s much more efficient than stealing from consumers,” he is quoted in a Reuters interview.