ABA, FS-ISAC Issue Statement on SWIFT Compromises

In response to recent high-profile compromised communications sent through the SWIFT communications network, the American Bankers Association — together with the Financial Services Information Sharing and Analysis Center and other financial groups — today issued a statement with insight and analysis on the incidents, as well as recommendations for mitigating cyber risks.

The statement came after a widely reported sequence of hacks that used malware to issue unauthorized payment orders through the Society for Worldwide Interbank Financial Telecommunication, or SWIFT, network, which is used to verify the authenticity of transaction requests. The groups noted that the attacks appear to follow traditional account takeover tactics, where cybercriminals use a variety of tactics including phishing and social engineering to target victims with malware, steal credentials, and use the information to conduct transactions. Thus far, banks in Bangladesh, the Philippines and Vietnam have been affected, with losses estimated at around $81 million thus far.

“Many financial institutions around the world have already implemented security practices and controls that defend against these types of attack tactics. Those that have not should implement security controls based on best practices immediately,” the groups warned. “While recent events targeted national financial institutions with access to a global payment network, financial institutions should assess the risk of all critical systems to ensure appropriate controls are in place.”

To protect themselves from cybercrime, financial institutions should update their cyber risk assessments; maintain strong awareness of the current threat environment through information sharing; deploy and maintain strong access controls, operating procedures, and data hygiene and maintenance protocols; and coordinate with their financial regulators on any supervisory review of payment system controls, the groups said.