Corporate treasurers are warned to check they have the latest Alliance Lite2 update and to check with IT on malware that compromised SWIFT software in the $81m Bangladesh bank heist.
Reuters reported yesterday claims by BAE Systems that software from SWIFT's financial platform was compromised during an attack on the central bank of Bangladesh in February 2016, in which $81 million was stolen.
SWIFT has confirmed that it is aware of malware targeting its client software and in a statement issued yesterday, the cooperative of 3,000 financial institutions said: “SWIFT is aware of a malware that aims to reduce financial institutions’ abilities to evidence fraudulent transactions on their local systems. Contrary to reports that suggest otherwise, this malware has no impact on SWIFT’s network or core messaging services.”
SWIFT spokeswoman Natasha Deteran told Reuters that SWIFT had released a software update on Monday to thwart the malware, along with a special warning for financial institutions to scrutinise their security procedures. She added that SWIFT may release additional updates as it learns more about the attack in Bangladesh and other potential threats. It is also reiterating a warning to banks that they should review internal security.
The organisation stated that it has “developed a facility to assist customers in enhancing their security and to spot inconsistencies in their local database records, however the key defence against such attack scenarios remains for users to implement appropriate security measures in their local environments to safeguard their systems - in particular those used to access SWIFT - against such potential security threats.”
Reuters reports that the Bangladesh central bank malware attack suggests that SWIFT could be more vulnerable than previously thought, due to weaknesses that enabled attackers to modify a SWIFT software programme installed on bank servers. The report stated: “The new evidence suggests that hackers manipulated the Alliance Access server software, which banks use to interface with SWIFT's messaging platform, in a bid to cover up fraudulent transfers that had been previously ordered.”
This is an issue for any corporate treasurers that connect to SWIFT with Alliance Lite2. Magnus Carlsson, the Association for Financial Professionals' manager of treasury and payments, told AFPonline: “Any corporates using Alliance Lite2, whether their TMS is installed or cloud-based, should make sure they have made the latest updates. Corporates should also check with their IT departments about the possible malware.”
Cyber threats: corporates must beware ransomware in 2016
Kapersky Lab yesterday published its report on IT security in 2015, which tracks the evolution of cyber threats in the corporate sector.
Corporate treasury on the Cloud: damned if you don’t, damned if you do
The new 'glibc' bug might make “everything on the Internet” vulnerable to attack, or at the very least it's a widespread code flaw that all companies should ensure is patched up and on their risk agenda.
Would technique used in $1bn cyber attacks on banks work in corporate treasury?
Carbanak gang penetrated bank systems using spear phishing that secretly releases malware into company’s system once opened. BUT Occupational Fraud ALREADY costs 1,000 TIMES forecast Cyber Fraud