SWIFT, the interbank message carrier, revealed that customers had three new cyberbreaches over the summer and cautioned that attacks against banks in the network are ongoing.
According to a Wall Street Journal report, SWIFT issued the warnings as it moved to launch a new mandatory security requirement for its banking customers. Citing a speech SWIFT Chief Executive Gottfried Leibbrandt made at the company’s annual Sibos conference in Geneva, WSJ reported that Leibbrandt said a few months back he got calls from users that had security breaches to report. He noted that no money was stolen in the breaches.
The report noted the attacks followed a slew of cyberhits on SWIFT bank customers during the last several months, attacking banks in Vietnam, Ecuador and one in Bangladesh. In the Bangladesh incident, the thieves stole $81 million from the country’s central bank. In response, SWIFT issued security patches and made customers update their software. SWIFT encouraged banks that were hit with a cyberattack to share the findings on a part of the network that is restricted.
“The attacks will continue and get more sophisticated. We are certainly not taking a break,” said Leibbrandt, according to the WSJ report. “I believe that, in cyber, only the paranoid survive.”
The executive went on to say customers have to be responsible for their own security environments, but SWIFT can help them fight the bad guys since it said its core network wasn’t compromised in the hacks. The executive went on to say in his speech that some of the things the banks need to do are “the equivalent of basic hygiene,” including methods for securing SWIFT access credentials. Customers will also be required to self attest for their systems from a security perspective and do it on an annual basis.