SWIFT hack raises concerns about money transfer security
International financial institutions are on high alert following revelations that the SWIFT (the Society for Worldwide Interbank Financial Telecommunication) network has been hacked.
The news came after the SWIFT cooperative sent its members a warning that its messaging service had been partially compromised. In response, central banks and their commercial partners around the globe have been examining ways to tighten their cybersecurity.
So how did the hackers manage to gain access to one of the world’s most sophisticated banking systems? And how might this situation affect those wanting to make an international money transfer? The Money Cloud explores.
$81 million stolen
The attack making recent headlines was aimed at the Bangladeshi central bank’s account at the Federal Reserve Bank of New York. Criminals attempted to transfer $951 million over to accounts in the Philippines and Sri Lanka. While most of the transactions were fortunately blocked – following a typo which raised questions – $81 million went missing and is yet to be traced.
Full details of the attack have not been disclosed, but it’s being reported that the hackers used malware to make the transfers and cover their tracks. Seemingly, the hackers broke into the Bangladesh Bank’s computer system, sent forged payment instructions and then used the SWIFT Alliance Access software to hide the transaction records.
Basic security failures
However, this heist relied not just on clever malware but also on serious security lapses. Bangladeshi police have described how the bank had no firewall and relied on cheap switches (switches connect computer network devices together and receive, process and forward data) which didn’t isolate the bank’s local area network from its SWIFT systems.
Pressure to tighten security
SWIFT has stressed that neither its network nor its core messaging services have been impacted by the malware. Nevertheless, it has also revealed that the Bangladesh attack was not an isolated incident and is emphasising the need for users to rapidly secure their systems. To enable this, SWIFT has issued a software update to its 11,000 members.
Some cybersecurity experts are concerned that updates and warnings are not enough – they’re recommending that further security is required. An example of such a safeguard would be two-factor authentication (or 2FA), whereby a user needs two components to authenticate their identity – examples of these would be a physical object like a bank card, secret knowledge such as a password and biometric information.
Is blockchain the answer?
More drastic measures are also being considered. Blockchain, which encrypts data and distributes it across multiple computers – making the data more difficult to hack – is attracting attention. SWIFT, as well as governments and other financial institutions, have expressed interest in the technology.
Individuals and businesses involved in sending money overseas can learn from these recent events. For instance, look out for money transfer services which utilise 2FA – PayPal and Venmo are good examples.
You can also use The Money Cloud to transfer money overseas – it’s as safe an option as any you’ll find. We ensure that all our brokers are vetted by the UK’s Financial Conduct Authority and that transfers are kept in separate accounts from the broker’s own. Contact us for a friendly chat about how we keep your transfers safe.