EMEA, Breach, Channel markets, Content, Europe

SWIFT Attacks: Cyber Crooks Foiled Pursuing $1M from Russian Bank

Cyber crooks reportedly tried to steal $940,000, or 55 million rubles, from the Russian state bank Globex, using the SWIFT funds transfer messaging to pass bogus wire-transfers. It’s the latest incident in which hackers used the international payments messaging system to illegally ferry money out of banks.

In this heist, the cyber gangsters made off with about 10 percent of what they sought, or less than $100,000, Reuters reported, based on Russian news outlet Kommersant’s sources. The bank apparently discovered the attack in progress and took security measures to prevent the attackers from stealing most of the money they intended to pilfer. Apparently, the size of the attempted fake transactions clued the bank to the attack.

Globex president Valery Ovsyannikov said that the attempt occurred last week, but that “customer funds have not been affected,” Reuters reported.

Why is SWIFT A Hacker Target?

Why is the Belgium-based SWIFT, which stands for the Society for Worldwide Interbank Financial Telecommunication, such as juicy target for hackers? For one, it’s a financial messaging system used to transfer trillions of dollars every day between banks. Shane Shook, a cyber expert who has helped investigate some hacks targeting the SWIFT messaging network, told Reuters that at least seven distinct groups have been launching such attacks for at least five years. Most go unreported, he said.

The majority of international interbank messages use the SWIFT network, spanning more than 11,000 financial institutions in 200 countries exchanging an five billion financial messages a year, according to the organization’s website. SWIFT sends payment orders but doesn’t facilitate funds. Owing to the sheer volume and sensitivity of information it handles, it’s a hot spot for bad actors.

In the most notable of SWIFT attacks, in February, 2016, hackers walked away with $81 million from Bangladesh’s central bank using designer malware that enabled them to delete outgoing transfer requests and intercept incoming requests to ultimately move funds through the messaging network. And, in October, 2017, hackers stole $60 million from the Far Eastern International Bank in Taiwan by gaining access to its SWIFT terminal.

SWIFT Strengthens Security

SWIFT has since implemented tighter security and repeatedly warned banks to do the same. Along those lines, in late November, SWIFT and security specialist BAE Systems released a joint report on the cyber threat to the banking community.

As in other instances, SWIFT refused to discuss details of this latest caper. “We take cyber security very seriously, and we investigate all threats very seriously, taking all appropriate actions to mitigate any risks and protect our services,” the group said in a statement emailed to Reuters. “There is no evidence to suggest that there has been any unauthorized access to SWIFT’s network or messaging services.”

Globex is a part of the state development bank VEB. VEB plans to transfer Globex to the state property management agency, sources told Reuters.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.