Dive Brief:
-
SWIFT, a cooperative of 3,000 international financial institutions that enables secure financial transactions, warned its members Monday to review their security procedures because it confirmed malware was targeting its client software, according to a Reuters report.
-
British defense contractor BAE Systems, which is investigating the theft of $81 million from a Bangladesh central bank in February, said the hackers likely accessed the SWIFT platform, putting the financial platform’s members in danger.
-
SWIFT released a software update Monday to help protect its members.
Dive Insight:
The announcement is particularly concerning because, until now, it was believed that the SWIFT had not been vulnerable in the attack. But according to Reuters, SWIFT has "weaknesses that enabled attackers to modify a SWIFT software program installed on bank servers." The SWIFT messaging platform is used by 11,000 banks around the world.
SWIFT spokesperson Natasha Deteran told Reuters on Sunday that SWIFT was issuing the software update "to assist customers in enhancing their security and to spot inconsistencies in their local database records."
"The key defense against such attack scenarios is that users implement appropriate security measures in their local environments to safeguard their systems," Deteran said.
Last week, an investigator said Bangladesh’s central bank had no firewall and utilized poor security practices prior to becoming the victim of the record-breaking heist. The investigator said Bangladesh Bank used cheap, second-hand switches to network computers connected to the SWIFT global payment network.
