SWIFT are tackling their cyber security problems by focusing on SWIFT’s member security set and systems. They have engaged expert cyber security firms BAE Systems and Fox-IT  and created a dedicated Customer Security Intelligence team, bringing together a strong group of IT and cyber experts to investigate security incidents within customer environments.

• Customer Security Programme
• In the recently launched Customer Security Programme the mode of operation will be as follows:
• the expert firms will complement SWIFT’s in-house cyber security expertise and work closely with SWIFT’s newly formed Customer Security Intelligence team to support SWIFT’s customer information sharing initiative and to help strengthen cyber security across the global SWIFT community.
• SWIFT will undertake forensic investigations on customer premises related to SWIFT products and services. These will complement the internal investigations being carried out by affected customers. 
• SWIFT will also feed related intelligence – in anonymised form – back to the wider SWIFT community in order to help prevent future frauds in customer environments. SWIFT’s information sharing initiative has grown significantly since its launch, and now includes detailed intelligence and analysis on the modus operandi of attackers in recent customer fraud cases
• SWIFT has published an inventory containing some of the specific malware used in reported attacks, as well as indicators of compromise (IoCs) that SWIFT has developed to assist other customers in detecting threats operating in their environments.
• SWIFT will continue with its efforts to gather and share anonymised customer security information with its community to help prevent future fraud cases and to facilitate information sharing on best practices and innovation in cyber defence.
• SWIFT is also sharing relevant security information with its oversight bodies, appropriate Information Sharing and Analysis Centre (ISAC) groups and other forensic firms.

SWIFT Chief Technology Officer, Craig Young, explained that: “Customer intelligence, including intelligence related to attacks that have ultimately failed, is crucial to helping us continue protecting our community. Information we have already received from impacted banks has allowed us to identify new malware and to publish related IoCs which are helping to protect the wider community. An important dependency of this initiative is SWIFT’s timely receipt of information from affected customers. We therefore continue to remind customers that they are obliged to inform SWIFT of such incidents as soon as possible, and to proactively share all relevant information with us so we can assist all SWIFT users.”