SWIFT bank transfer network hacked

The SWIFT bank transfer network has been hacked.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a Belgian co-operative owned by 3,000 financial institutions. SWIFT is a secure network for sending financial transactions between these institutions. It's how international bank transfers are made.

SWIFT doesn't actually send money - it sends messages that instruct payments to be made between institutions. Banks have agreements with certain other banks in the network, and so when a payment instruction is received, payments are made. In theory, outsiders shouldn't have access and so SWIFT should be difficult to hack.

Unfortunately, the Bangladesh central bank had no firewall and second-hand routers, and so it was easily hacked into. The hackers obtained their SWIFT credentials and happily starting issuing payment transfers.

Almost $81 million was transferred before the hack was discovered. The hackers were attempting to transfer almost $1 billion, and were only detected because of a typo. The remaining transfers were cancelled, but there seems little prospect of catching the hackers, who could have been anywhere.

Technical details of the attack can be found here.

It's an important security lesson. The security of network infrastructure is irrelevant if one of the nodes is easily compromised. The SWIFT network has excellent security, but because one of the member banks was easily hacked, the entire system was put at risk.

Security audits need to consider all possible methods of entry onto a system. When it is a global network like SWIFT with widely varying security standards in different countries, this is extremely difficult to do.

Posted by John Faulds in