SWIFT, the financial messaging system used by 11,000 banks throughout the world, admitted this week that it's vulnerable to hackers if they penetrate its member financial institutions. It shouldn't be major news: Thieves go where the money is, and more than half of the 25.8 million messages a day that the network carried in March were meant to transfer money. Yet SWIFT's hacker problem is a great illustration of how globalized finance can get out of hand.

SWIFT's warning, sent to members over its secure network, tells them about “a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions' back offices, PCs, or workstations connected to their local interface to the SWIFT network.” Of these incidents, only one is well-known—February's Bangladesh Bank heist, which could easily provide the plot for a cyberpunk novel. On Monday, U.K.-based BAE Systems' cybersecurity division provided the technical details of how the hack probably worked, having found malware that was likely used for the hack on an online malware repository.

The perpetrators tried to transfer $951 million to the Philippines and Sri Lanka from the account Bangladesh's central bank holds with the New York Federal Reserve. The Philippine bit worked without a hitch: $81 million went to accounts at the Rizal Commercial Banking Corp., set up in the names of two Chinese businessmen (who deny they had anything to do with it), then passed through several local casinos that are exempt from money-laundering regulations and left the Philippines in an unknown direction.

Continue Reading for Free

Register and gain access to:

  • Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
  • Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.