Go to:

July 2018
< Jun Aug >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Hackers Steal $81 Million from New York Fed
Wednesday, May 18, 2016 6:40 AM

SWIFT, the provider of a network that moves hundreds of billions of dollars daily worldwide, said hackers used malware to target bank funds in recent cyberattacks, one of which resulted in an $81 million theft.

On Feb. 4, hackers used the SWIFT messaging system of Bangladesh’s central bank systems to submit 35 payment requests to the Federal Reserve Bank of New York, transferring $101 million to bogus accounts in the Philippines’ Rizal Commercial Banking Corporation and a Sri Lanka-based financial institution.

The New York Fed became suspicious and denied 30 of the requests, but not before the release of $81 million to a foreign exchange broker.

SWIFT, which facilitates secure and standardized communication among more than 11,000 banking and securities organizations, revealed that attackers exploited vulnerabilities in banks’ funds transfer initiation environments, prior to messages sent over SWIFT. The attackers bypassed the primary risk controls in place and initiated the irrevocable funds transfer process. The hackers also found ways to tamper with the statements and confirmations sometimes used as secondary controls, thereby delaying the victims’ ability to recognize the fraud.

SWIFT learned that cyberthieves used malware to target the PDF reader application used by customers to read user-generated PDF reports of payment confirmations. The company assured customers that its network, core messaging services, and software was not compromised.

“The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks, knowledge that may have been gained from malicious insiders or cyberattacks, or a combination of both,” Morey Haber, vice president of technology at the Phoenix-based BeyondTrust, said. “The hackers allegedly learned from internal resources what systems need to be attacked, whom to contact, and what vulnerabilities should be leveraged. The art of the hack then became a simple exploit to exercise due to the insider threat.”

Haber also pointed out the insiders leaked critical information to make the heist occur quickly and successfully.

Ricardo Villadiego, CEO of the Doral, Fla.-based Easy Solutions, said, “The security of the whole system is as secure as the weakest link.”

Villadiego compared it to phishing attacks in which cyberthieves steal money from customer accounts without actually breaching the financial institution’s security.

“Similarly, once credentials to the SWIFT system are compromised, the security controls embedded into the SWIFT network are meaningless for the security of the systems,” he said. “The fraudulent transactions will be securely progressed within the SWIFT network.”