SWIFT Says Hackers Still Targeting Bank Messaging System

Hackers continue to target the SWIFT bank messaging system, though security controls instituted after last year's $81 million heist at Bangladesh's central bank have helped thwart many of those attempts, a senior SWIFT official told Reuters. From the report: "Attempts continue," said Stephen Gilderdale, head of SWIFT's Customer Security Programme, in a phone interview. "That is what we expected. We didn't expect the adversaries to suddenly disappear." SWIFT spokeswoman Natasha de Teran told Reuters that the attackers had attempted to hack into computers that banks use to access the organization's proprietary network, then create fraudulent messages to send over the SWIFT system. "We have no indication that our network and core messaging services have been compromised," she said. The disclosure underscores that banks remain at risk of cyber attacks targeting computers used to access SWIFT almost two years after the February 2016 theft from a Bangladesh Bank account at the Federal Reserve Bank of New York.

Hackers still following the money...

[mccrew]

Film at 11.

Re:

[Matheus]

Yeah... yawn... "The disclosure underscores that banks remain at risk of cyber attacks targeting computers used to access SWIFT almost two years after..."

Two years after... Ten Years After (Great band btw)... Ten centuries after (assuming our species is still kickin' it): They will still be hacking after that money, yo!

Dolla dolla bills.

Swift can do that?

[Ukab the Great]

Eat your heart out, JavaScript. Those Apple technologies are just too amazing.

Re:

[DontBeAMoran]

Rust is much better than Swift though. You can intuitively know from the name itself. Is there nothing better than rust? It's the nemesis of Metal, another Apple technology.

Re:

[sconeu]

Watch daemons written in Rust are the best, because Rust Never Sleeps.

And?

[Gravis Zero]

It's not like banks aren't being adequately compensated for their services. If they won't fund the creation of a bulletproof banking network that can withstand close scrutiny then they really only have themselves to blame.

Re: And?

[Camembert]

The network might be bulletproof, and from what I know it is well engineered, but if the a bank at the edge of the network has sloppy security practices, then conceivably fraudulent transactions can happen. With an analogy, If you write your paypal password on a post it note, and someone misuses it to do a payment, is paypal at fault?

Re:

[Gravis Zero]

The solution to that is easy: accountability, culpability and limitations on capability. Plenty of books have been written on ensuring secure practices and minimizing the level of damage any single idiot can do. If that part of your banking system is fucked up then you are in the wrong business.

Re:

[tlhIngan]

The network might be bulletproof, and from what I know it is well engineered, but if the a bank at the edge of the network has sloppy security practices, then conceivably fraudulent transactions can happen. With an analogy, If you write your paypal password on a post it note, and someone misuses it to do a payment, is paypal at fault?

Nope, but then again, the network wouldn't allow you to transfer funds from two unrelated banks - if a bank's poor security results in hackers having full access to their SWIFT

Asking for a friend

[fattmatt]

Asking for a friend ... if I recall the heist was 4 transfers totaling $81 Million, so at what point do multi million dollar transfers become an untraceable? At some point the money must leave the banking system but that is a lot of money to discreetly spend or cash out. I'm old and too lazy to read the articles.