SWIFT tells banks to share information on hacks | Reuters

LONDON International financial messaging service SWIFT told clients on Friday to share information on attacks on the system to help prevent hacking, after criminals used SWIFT messages to steal $81 million from the Bangladesh central bank.

Earlier on Friday, Reuters reported that Wells Fargo, Ecuador's Banco del Austro (BDA) and Citibank, whose Managing Director, Franchise Risk & Strategy, Yawar Shah, is SWIFT's Chairman, did not inform SWIFT of an attack last year in which over $12 million was stolen from BDA.

The banks and Shah all declined to comment on why they did not inform SWIFT.

Banks use secure SWIFT messages for issuing payment instructions to each other. The network is considered the backbone of international finance but faith in its security has been rocked by the theft from Bank Bangladesh's account at the Federal Reserve Bank of New York.

SWIFT said in a communication to users on Friday that they should "immediately inform SWIFT of any suspected fraudulent use of their institution's SWIFT connectivity or related to SWIFT products and services."

SWIFT spokeswoman Natasha de Teran said banks whose SWIFT systems had been hacked should inform SWIFT. She said she was unable to say whether banks, such as Wells Fargo, that received messages they later discovered were fraudulent should inform SWIFT.

SWIFT is especially concerned about the use of malware to access interfaces with the SWIFT network. The Belgium-based co-operative, which is owned by its user banks, said it needed technical information from systems which have been compromised with malware to better understand the risks of attack.

Malware was used in the hacks on Bank Bangladesh in February and in the BDA case in January 2015.

"It is essential that you share critical security information related to SWIFT with us, "SWIFT said.

SWIFT told clients it would notify them as soon as possible of cases where malware had been used to attack systems "so that you can better target your preventative and detective efforts".

SWIFT did not inform clients about the BDA theft because it was unaware of it, a spokeswoman told Reuters.

(Editing by Greg Mahlich)

This story has not been edited by Firstpost staff and is generated by auto-feed.

Updated Date: May 21, 2016 00:03 AM

Also See