Financial messaging services provider SWIFT has outlined a series of measures in response to a series of actual and attempted thefts carried out on banking customers.
They follow a pledge made last week by SWIFT’s chief executive officer (CEO) Gottfried Leibbrandt that security upgrades and better information sharing would be introduced for its inter-bank transfer system.
In addition to increased information-sharing between banks, tougher security requirements will be introduced for bank software that interface locally with SWIFT’s network, including greater use of two-factor authentication when banks shift funds.
There will also be new audit and certification frameworks and standards and a greater use of tools to detect fraudulent transactions over SWIFT.
The most notorious attack occurred in February, when Bangladesh’s central bank lost US$81m. In addition, Ecuadoran bank Banco del Austro SA lost $12m, and similar methods were employed against a bank in the Philippines and Vietnamese bank Tien Phong.
Security software and services company Symantec believes that the gang that carried out the heist of the central bank of Bangladesh, was also behind the attacks on the Vietnamese and Philippines banks.
According to Symantec, the tools known to have been used in all of the attacks except for Banco del Austro share code similarities. It claims that an analysis of the code links it to a “threat group” known as Lazarus. The tools used in the attacks against Banco del Austro haven’t yet been identified
“Symantec has identified three pieces of malware which were being used in limited targeted attacks against the financial industry in South-East Asia: Backdoor.Fimlis, Backdoor.Fimlis.B, and Backdoor.Contopee,” stated a blog post by Symantec’s Security Response team.
“At first, it was unclear what the motivation behind these attacks was; however code sharing between Trojan.Banswift (used in the Bangladesh attack used to manipulate SWIFT transactions) and early variants of Backdoor.Contopee provided a connection.”
Symantec added that security software and services companies are cooperating closely in an initiative called Operation Blockbuster in a bid to better protect themselves and their clients against Lazarus. As part of the initiative, vendors are circulating malware signatures and other useful intelligence related to these attackers.
“The discovery of more attacks provides further evidence that the group involved is conducting a wide campaign against financial targets in the region,” stated Symantec.
“While awareness of the threat posed by the group has now been raised, its initial success may prompt other attack groups to launch similar attacks. Banks and other financial institutions should remain vigilant.”
Despite being behind the likes of Europe and China, the US payments industry is now rapidly advancing, said Anish Kapoor, CEO of AccessPay told GTNews in an exclusive interview.
When it comes to corporate innovation, debates on technology and sponsoring commercial activities have a limited value threshold if it is not coupled with innovative actions, Omeed Mehrinfar, Plug & Play, told an audience of treasurers.
Using data for predictive analytics is the future of banking success, argued Jean-Laurent Bonnafé, CEO of BNP Paribas, in his session on how the bank is reinventing its approach to innovate with and for corporates.
The annual BNP Paribas Cash Management University kicked off on Thursday morning with treasury professionals congregating in Paris from across Europe.