Global banks need to do more to protect themselves from cyberattacks after a “significant evolution” in the threat level in the last 18 months, according to the SWIFT global payments network.
Hackers are deploying increasingly sophisticated ways of breaching banks’ cyber defenses to launch finely orchestrated attacks, SWIFT said in a report co-written with defense contractor BAE Systems. Intruders can spend more than a year reconnoitering targets once they have gained access to their computer systems, the report said.
“Evidence from recent cases clearly demonstrates the attackers’ adaptability, patience, determination and growing sophistication,” the Society for Worldwide Interbank Financial Telecommunication and BAE Systems said in the report. “The rise in the threat level requires an equally concerted response.”
The number of reported cyberattacks against Financial Conduct Authority regulated companies alone rose to 89 in 2016 from five in 2014, Nausicaa Delfas, executive director at the U.K. regulator, said in April. A year ago, Tesco Bank, the lending unit of the U.K.’s biggest grocer, suffered an attack in which money was taken from about 20,000 consumer accounts. In February 2016, hackers exploited weaknesses in how banks connect to the SWIFT system to steal a record-breaking $81 million from Bangladesh’s central bank.
Cyberattacks are at the top of regulators’ concerns in the U.S. as well. Jerome Powell, President Donald Trump’s nominee to head the Federal Reserve, said at a confirmation hearing Tuesday that cybersecurity may be the biggest risk that U.S. banks face.