SWIFT is putting the pressure on its members to enhance their cybersecurity capabilities, according to reports by SC Magazine.
According to the publication, SWIFT is encouraging and, in some cases, threatening its member banks to deploy more sophisticated cybersecurity measures. The efforts follow last year’s high-profile cyberattack in which thieves stole $81 million from the Bangladesh central bank by infiltrating the SWIFT network. Multiple other cyberattacks on the SWIFT network came to light soon after.
“The proactive intelligence-gathering and forensic work being undertaken by our Customer Security Intelligence team, as well as customers’ active use of our Indicators of Compromise and their deployment of our latest software updates … [and] the heightened customer vigilance and improved information flow between customers and SWIFT have all contributed to frustrating recent attack efforts,” said SWIFT’s managing editor and head of its Customer Security Program, Stephen Gilderdale, in an interview with the publication.
“Fortunately,” he continued, “a good number of recent attacks have been ultimately thwarted. In a few instances, the correspondents have observed and stopped suspicious messages; in others, the attacks have been identified, and the frauds ultimately prevented as a direct result of measures introduced through the CSP.”
The Customer Security Intelligence team was launched in May last year in an effort to ensure its member FIs comply with SWIFT’s recommended cybersecurity requirements. Those recommendations include two-factor authentication, as well as the integration of SWIFT security software, reports said.
But some analysts say, in the wake of last year’s hacks, SWIFT must continue to boost security measures to regain trust of its users.
“I believe that there has been an impact [on] confidence in SWIFT and their inability to take prompt and effective action to cyberattacks,” said Patricia Hines, a Celent corporate banking senior analyst. “It seems likely that the original malware has been shared among other malicious actors, and without a significant change to the underlying SWIFT programming code base, that malware will continue to be effective.”