Slashdot Mirror

← Back to Stories (view on slashdot.org)

SWIFT Says Hackers Still Targeting Bank Messaging System (reuters.com)

Posted by msmash on from the security-woes dept.

Hackers continue to target the SWIFT bank messaging system, though security controls instituted after last year's $81 million heist at Bangladesh's central bank have helped thwart many of those attempts, a senior SWIFT official told Reuters. From the report: "Attempts continue," said Stephen Gilderdale, head of SWIFT's Customer Security Programme, in a phone interview. "That is what we expected. We didn't expect the adversaries to suddenly disappear." SWIFT spokeswoman Natasha de Teran told Reuters that the attackers had attempted to hack into computers that banks use to access the organization's proprietary network, then create fraudulent messages to send over the SWIFT system. "We have no indication that our network and core messaging services have been compromised," she said. The disclosure underscores that banks remain at risk of cyber attacks targeting computers used to access SWIFT almost two years after the February 2016 theft from a Bangladesh Bank account at the Federal Reserve Bank of New York.

16 comments

  1. Hackers still following the money... by mccrew · · Score: 3, Informative

    Film at 11.

    --
    Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
    1. Re:Hackers still following the money... by Matheus · · Score: 1

      Yeah... yawn... "The disclosure underscores that banks remain at risk of cyber attacks targeting computers used to access SWIFT almost two years after..."

      Two years after... Ten Years After (Great band btw)... Ten centuries after (assuming our species is still kickin' it): They will still be hacking after that money, yo!

      Dolla dolla bills.

  2. Swift can do that? by Ukab+the+Great · · Score: 2

    Eat your heart out, JavaScript. Those Apple technologies are just too amazing.

    1. Re:Swift can do that? by DontBeAMoran · · Score: 1

      Rust is much better than Swift though. You can intuitively know from the name itself. Is there nothing better than rust? It's the nemesis of Metal, another Apple technology.

      --
      #DeleteFacebook
    2. Re:Swift can do that? by sconeu · · Score: 1

      Watch daemons written in Rust are the best, because Rust Never Sleeps.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    3. Re:Swift can do that? by Anonymous Coward · · Score: 0

      Slashdot taught me that Rust is the language of the homosexual pedophile.

  3. These bank manager types sure are by Anonymous Coward · · Score: 0

    SWIFT

  4. And? by Gravis+Zero · · Score: 3, Insightful

    It's not like banks aren't being adequately compensated for their services. If they won't fund the creation of a bulletproof banking network that can withstand close scrutiny then they really only have themselves to blame.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re: And? by Camembert · · Score: 2

      The network might be bulletproof, and from what I know it is well engineered, but if the a bank at the edge of the network has sloppy security practices, then conceivably fraudulent transactions can happen. With an analogy, If you write your paypal password on a post it note, and someone misuses it to do a payment, is paypal at fault?

    2. Re: And? by Gravis+Zero · · Score: 1

      The solution to that is easy: accountability, culpability and limitations on capability. Plenty of books have been written on ensuring secure practices and minimizing the level of damage any single idiot can do. If that part of your banking system is fucked up then you are in the wrong business.

      --
      Anons need not reply. Questions end with a question mark.
    3. Re: And? by tlhIngan · · Score: 1

      The network might be bulletproof, and from what I know it is well engineered, but if the a bank at the edge of the network has sloppy security practices, then conceivably fraudulent transactions can happen. With an analogy, If you write your paypal password on a post it note, and someone misuses it to do a payment, is paypal at fault?

      Nope, but then again, the network wouldn't allow you to transfer funds from two unrelated banks - if a bank's poor security results in hackers having full access to their SWIFT account, then the network will reject any message that claims to be from anyone other than the bank in question.

      So hackers may send the bank's money to their account, or from accounts hosted by that bank, but they can't cause another bank to transfer money over.

      So if a bank doesn't want to pay for security, and they get hacked, well, it's their money being drained away

  5. Asking for a friend by fattmatt · · Score: 1

    Asking for a friend ... if I recall the heist was 4 transfers totaling $81 Million, so at what point do multi million dollar transfers become an untraceable? At some point the money must leave the banking system but that is a lot of money to discreetly spend or cash out. I'm old and too lazy to read the articles.

    1. Re:Asking for a friend by Anonymous Coward · · Score: 0

      My recollection is that the money was transferred to banks in the Philippines, and then used to purchase chips in a casino. I think the idea was to launder the money through the casino.

  6. Thwart MANY of those attempts!?! by Anonymous Coward · · Score: 0

    So how many attempts were not thwarted?

    1. Re: Thwart MANY of those attempts!?! by Anonymous Coward · · Score: 0

      No worries, it's all good now. SWIFT now requires the users of the system to use MFA. Unless they really really don't want to.

  7. Swift is corporate theft by Anonymous Coward · · Score: 0

    Every bank and intermediary bank takes their cut in a transfer. There is no telling how much money will actually get there or when, it takes up to a week often. I can't wait till Chinese manufacturers all take Bitcoin, fuck this bankrobbery shit.