Dive Brief:
- SWIFT warned member banks in a letter Tuesday that if they don’t meet a November deadline for upgrading to new, more secure versions of its software, it may report them to regulators and banking partners, according to a Reuters report.
- The global financial management organization simultaneously revealed details about new hacking attacks — some of which were successful — on SWIFT member banks since June.
- SWIFT has struggled to get member banks to comply with new security protocols implemented following the Bangladesh heist because it is a is a nonprofit cooperative without regulatory authority over its members.
Dive Insight:
SWIFT has been pushing member banks to comply with new security procedures following February's $81 million heist at Bangladesh Bank. The organization warned that criminals are specifically targeting banks with poor security procedures for SWIFT-enabled transfers.
"Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions," according to a copy of the letter, obtained by Reuters. "The threat is persistent, adaptive and sophisticated — and it is here to stay."
SWIFT did not indicate how much money was stolen since June, but said all the victims had weak local security, which attackers compromised to send fraudulent messages requests for money transfers, according to the letter.
U.S. lawmakers have grown more concerned about financial security after the Bangladesh heist, which used the SWIFT banking network to request nearly $1 billion from an account at the Federal Reserve Bank of New York. Earlier this week, six U.S. senators sent a letter to President Barack Obama urging him to prioritize cybersecurity at this weekend's Group of 20 summit in China.