Second Bank Hit By 'Sophisticated' Malware Attack, Says Swift

An anonymous reader cites an article on The Guardian: Swift, the global financial messaging network that banks use to move billions of dollars every day, warned of a second malware attack similar to the one that led to February's $81 million cyberheist at the Bangladesh central bank. The second case targeted a commercial bank, Swift spokeswoman Natasha de Teran said, without naming it. It was not immediately clear how much money, if any, was stolen in the second attack. Swift said in a statement that the attackers exhibited a "deep and sophisticated knowledge of specific operational controls" at targeted banks and may have been aided by "malicious insiders or cyber attacks, or a combination of both." The organization, a Belgian co-operative owned by member banks, said that forensic experts believe the second case showed that the Bangladesh heist was not a single occurrence, "but part of a wider and highly adaptive campaign targeting banks."

This is what happens when IT is OUTSOURCED!

I used to have a great job at Citizens Bank employed as a Sr. Infrastructure Engineer on the Middleware team. I was level 3 support , Capacity and Performance SME, root cause analysis.. I also performed system audits. IBM Global - India is taking over IT. In my opinion it's not because they will save a lot of money, in reality it's costing them more. How it appears to the shareholders is less payroll costs because payroll is it's amortized over 7 years. So payroll appears as 1/7th the cost. The additional costs is the lack of efficiency and security. I demonstrated how easy it was for someone with access while troubleshooting an application account information can be extracted without going detected. They have no clue that just because data is masked does not mean it's impossible to access. At a layer in the code the data is available and not encrypted. With an outsourced support model it does not matter if you have an impenetrable system or not. Outsourced application support personnel can easily access financial data. I recommend asking your bank if their IT support is outsourced. If it is.. pull your money out. Find a bank that has an internal bonded IT team. That's the safest bet. This is what happens when CIOs lack technical knowledge and are merely bean counters.