Swift action required, says global banking network

The past 18 months have seen a significant evolution in cyber-threats facing the global financial sector, the Society for Worldwide Interbank Financial Telecommunication (SWIFT) has warned.

Brussels-based SWIFT, which provides a global network for financial institutions to send and receive information, has released a new threat report following last year’s Bangladesh Bank hack, where thieves were found to leverage its systems to steal more than $80 million.

Created in partnership with BAE Systems, the report details how hackers are employing increasingly sophisticated methodologies in order to execute well-planned and finely-orchestrated attacks.

Current techniques include gaining operating system administrator rights, manipulating software in memory, and tampering with legitimate functionality to bypass two-factor authentication.

Based on insights gained from detailed forensic examinations of a range of recent cyber-attacks on SWIFT customers, the report underlines the value of threat information sharing, and showcases how the resulting findings can be used to help protect against future threats.

As well as detailing the attack approaches, the report provides a useful summary of the safeguards financial institutions need to put in place to protect against the threats – from basic perimeter to internal security measures.

“The inevitable criminal focus on the financial industry means that the community needs to ensure it has effective cyber defenses against well-funded, motivated and organized attackers,” said Dries Watteyne, SWIFT’s head of customer security intelligence.

Click here to download the report.