Gottfried Leibbrandt, chief executive of the world’s largest interbank funds-transfer system SWIFT, has said repeatedly that the prospect of cybercrime is what keeps him awake at night.
The Wall Street Journal quotes him: “I think there is absolutely a shared sense of urgency,” Mr. Leibbrandt said. “There is also an appreciation of the complexity of this problem.”
They continued with: “We knew cyberrisk was a big deal for the industry, and it was only a matter of time before we saw something big happening,” he said. “But I had not expected it in this form: Someone finding their way into a bank’s key systems like this, and getting away with this amount of money out of the blue.”
Up to now, cyberheists in four instances have been documented, but this article revealed that there's more. Computer security firm FireEye Inc., hired by Bangladesh Bank to investigate its breach, is looking at suspected attacks on at least eight other banks, all of them in Asia.
“We are seeing the same threat actors target some of our customers,” said Bryce Boland, chief technology officer for the Asia-Pacific region at FireEye. “I’m fairly confident other breaches are taking place.”
What To Do About It
It is clear that at this point in time, any organization needs to step up their cybersecurity game. Specifically, they need to put programs in place to manage the ongoing problem of social engineering and spear phishing which has been causing almost all of the major data breaches at companies like Target and governmental agencies like the Office of Personnel Management.
SWIFT continues to assert that their messaging system is safe, but if participating banks are hacked and bad guys can get their hands on the authorizations and confirmation protocols to use SWIFT, that is a moot point. Individual Financial Institutions need to increase their security, specifically their security awareness training programs to make sure employees do not fall for phishing attacks.
Once employees spot the red flags related to phishing, they can click KnowBe4's free Phish Alert button to delete the phish and get it forwarded including all headers to your Incident Response team.
Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://www.knowbe4.com/free-phish-alert
The "Society for Worldwide Interbank Financial Telecommunication" co-op processes billions of money transfer messages per year between banks. They serve more than 10,000 banks across 200 countries with varying levels of sophistication.