More Banks Hacked Using SWIFT Messaging System

The attack that resulted in Bangladesh Bank losing $81 million (and nearly losing a further $850 million and $870 million in a foiled later attempt) has also affected other banks, Reuters reports.

According to the new information, SWIFT has sent messages to banks around the world of new breaches, but doesn't specify to what magnitude these breaches occurred.  It has, however, suggested that banks increase their security, and to stay particularly vigilant of activity via the SWIFT system.  The message later stated that, "The threat is persistent, adaptive, and sophisticated - and it is here to stay."

The original attack on Bangladesh bank used the SWIFT messaging system to transfer funds away from the bank, using malware on the bank's SWIFT terminals.  The original injection was via a network switch, and SWIFT have since stated that this switch and other use of legacy networking gear that was to blame, rather than SWIFT itself.

The new victims all shared one thing in common: Weaknesses in local security that attackers exploited to compromise local networks.  SWIFT has responded with security updates to it's software, but if local security is still lax, and banks don't upgrade to the new software (they have no obligation to), then these attacks may keep occurring.

With so much money on the line, we may see financial institutions deploying more network security tools, and upgrading their switches, in the next few weeks.

Source