Question

The opening case, ‘Hackers Attack the SWIFT Global Banking Network’, discusses breaches in the system of several banks that are a part of the SWIFT network. The case is an example of the importance of information system controls. Explain some of the security risks associated with information systems as well as some security and control measures that can be implemented to protect against these security risks.

Hackers Attack the SWIFT Global Banking Network

SWIFT, which stands for Society for Worldwide Interbank Financial Telecommunication, is considered the Rolls-Royce of payment networks. It is a system used by more than 11,000 financial institutions worldwide to authorize payments from one account to another. SWIFT’s secure messaging system sends about 25 million messages on a typical day, including orders and confirmations for payments, securities settlements, and currency exchanges. Obviously, this is a very important system for global finance. If you receive a message from SWIFT, you can be sure it’s legitimate and move the money as expected.

SWIFT is a highly secure system, but apparently not secure enough. In early 2016 revelations surfaced about multiple attempts to use SWIFT messaging to rob financial institutions. Bangladesh’s central bank disclosed that in February 2016 it had lost $81 million to hackers who breached its security, accessed SWIFT, and tricked the Federal Reserve Bank of New York into sending funds it held for the bank to hacker-controlled accounts in the Philippines.

Each bank in the SWIFT network is identified by a set of codes. Hackers somehow managed to steal the Bangladesh bank’s credentials to transmit the messages and used malware targeting a PDF reader for checking statements. SWIFT’s core messaging system was not compromised. Security breaches occurred in the computers of individual institutions that interact with the system, and these computers remain the responsibility of individual SWIFT members. The hackers had access only to the compromised banks’ funds but not to the funds of the thousands of other institutions that use SWIFT. However, investigators have identified breaches at 12 other banks, including Vietnam’s Tien Phong Commercial Joint Stock Bank and Ecuador’s Banco del Austro.

How could this have happened? SWIFT isn’t regulated like a bank because it doesn’t hold funds or manage accounts. It’s overseen by the National Bank of Belgium and representatives from the U.S. Federal Reserve, the Bank of England, the European Central Bank, the Bank of Japan, and other major banks. Experts point out that the SWIFT system is based on flexibility and trust. A bank can choose to let employees open SWIFT’s main interface right from their desktop browser. That same feature that makes SWIFT easy to use also makes the system susceptible to hacking. Hackers apparently were able to obtain the banks’ SWIFT access codes, send authenticated but fraudulent requests to transfer funds, and cover their tracks with malware surreptitiously placed onto bank computer systems. These attacks showed a deep and sophisticated knowledge of specific controls at the targeted banks, which may have been acquired from insiders, cyberattacks, or both.

Most banks in the United States take special precautions with their SWIFT-linked computers, including multiple firewalls to isolate SWIFT from the bank’s other networks and even operating the machines in separate locked rooms. Unfortunately some banks in other countries take fewer precautions. The Bangladesh bank may have been especially vulnerable, using $10 routers and no firewalls, according to experts.

Security firms and intelligence agencies are still trying to learn who is behind the attacks. Symantec Corp, a leading security company, says the attacks resemble earlier hacking efforts attributed to North Korea.

SWIFT plans to toughen software requirements, expand the use of two-factor authentication (which provides additional identity checking), monitor compliance more rigorously, and provide more information about fraud detection. Ultimately, however, SWIFT can only do so much. The real solution must come from the participating banks themselves. And according to SWIFT CEO Gottfried Leibbrandt, fully armoring the network’s defenses is likely to take years.

The problems created by the $81 million theft resulting from break-ins to the SWIFT global banking network illustrate some of the reasons businesses need to pay special attention to information system security. The SWIFT system is a critical tool for global business. But from a security standpoint, as this case illustrates, the system was vulnerable to hackers who were able to access supposedly protected user authentication data.

The chapter-opening diagram calls attention to important points raised by this case and this chapter. The SWIFT system is flexible and easy to use and does not require the same high level of security among its participating institutions. Although major banks in the United States using the SWIFT network have strong information system security in place, the security used by other SWIFT network members for protecting global banking transactions was weak. Despite the strong security safeguards of the SWIFT network itself, criminals were able to break into the systems of SWIFT member banks and send false instructions over the SWIFT system to illicitly transfer funds to their accounts. SWIFT is now working with member institutions to upgrade their security, but it will take years before all participants in the network are fully protected.

Answer 1

Risk –
The major risk with the operation of SWIFT is that the privacy can be compromised as happened with Bangladesh. Hackers may get access to the network and crack the country’s bank code which can be eventually used to serve illegal purposes. SWIFT itself suggest banks to follow extra measures in order to secure the funds and the transactions.
Though SWIFT is one of the best payment gateways globally but the recent security breaches have put up a number of legitimate questions on the privacy. Hackers can get access to the funds of banks and transactions performed which is a serious threat to finance of any nation.
Solutions –
“Prevention is better than cure”, this statement is the only solution to this problem. US has taken extra measures by putting in the additional firewall security to protect the transactions and funds. Each and every bank/country should proceed like that. It was predicted that $10 router and no firewall security by Bangladesh was the major reason behind this security breach. Hence each and every organization should act in this manner to protect the data.
SWIFT itself suggests the organizations to use additional security measures for protection however SWIFT should also work on to strengthen the security of the network to avoid any further breaches.