The Society for Worldwide Interbank Financial Telecommunication (SWIFT) has introduced a daily reporting system intended to help members of the financial messaging system identify fraudulent payments made over the network.
The new system arrives as SWIFT faces pressure to reign in the member institutions of the financial communication service. Earlier this year, hackers exploited weak security practices of SWIFT's customers to conduct cyberheists attacking the Bangladesh Central Bank and banks in the Philippines, Ecuador, Ukraine, among other institutions. A group of hackers also attempted a similar attack against a Vietnamese bank.
The reporting system will provide an “out of band” access to customer institutions to verify their local records independently.
Smaller institutions are “dependent on the accuracy of the data on their own systems, but in the event of a security breach, their locally stored payment and reconciliation data may be altered or unavailable,” said Stephen Gilderdale, head of SWIFT's customer security program, in a statement. “A key step in the modus operandi in recent wire fraud cases at customer firms involves the attackers concealing their fraudulent messaging activity on customers' local systems.”
Anomali Senior Threat Researcher Aaron Shelmire called the reporting system “a step in the right direction” for the international banking community. “It is going to take a long period of time for international clearing houses” to reach the level of security that is common for the retail banking sector, he told SCMagazine.com.
Nok Nok Labs vice president of products Rajiv Dholakia was less enthusiastic. He pinned the recent issues facing SWIFT members on lost or hijacked credentials that are being used to authorize transactions. “Until SWIFT is able to implement stronger authentication measures to authorize and monitor transactions, measures like reporting/monitoring and slowing transactions simply puts the burden back on the banks,” he wrote in an email to SCMagazine.com. “The assumption that local banks are able to maintain secure networks that can prevent intrusions is also a fallacy.”
While Strategic Cyber Ventures CEO Tom Kellermann supported the introduction of a realtime reporting system for wire transfer fraud, he said SWIFT's new reporting system “is not proactive security.” Kellermann wrote in an email to SCMagazine.com, “Being alerted that fraud is occurring is important, but many transactions are difficult to unwind.”
International clearing houses “did not think that they were at risk in the same way that the retail banking sector was at risk,” Shelmire told SCMagazine.com.
