Swift details plan to toughen cyber defences
Five “strategic initiatives” designed to help global financial community better prepare for future attacks, as Swift says it is "clear" the global community will be targeted again
Swift unveiled the details of a five-part cyber security plan on May 27, aimed at strengthening its defences and helping its customers improve their own.
The five "strategic initiatives" cover improved information sharing, enhanced tools, better guidelines and cyber audit frameworks, new methods of detecting abnormal activity, and the engagement of third-party firms to help customers build better defences.
Swift has been particularly focused on cyber security since the theft of $101 million from Bangladesh Bank in February. The heist was conducted via the Swift network, though Swift stresses it was not compromised. The security breach appears to have occurred at the central bank.
"While each individual Swift customer is responsible for the security of its own environment, the security of global banking can only be ensured collectively," Swift chief executive Gottfried Leibbrandt said in a statement. "It requires a collaborative approach between Swift, its customers, overseers, and third-party suppliers."
Under the initiatives, Swift will expect customers to provide more information to it as well as sharing intelligence and best practices. Customers will be expected to meet stricter security requirements – tailored to local conditions – while Swift interfaces will be upgraded with heightened security.
Swift also plans to develop audit standards and certification processes for the "secure management" of Swift messages at customer sites. "We will look into if and how customers' compliance to these baselines can be made transparent to, and enforced by, counterparties, regulators and ourselves," it said.
A key concern during the Bangladesh Bank heist was how long it took for authorities to detect the breach. Swift will "explore the feasibility" of tools to detect anomalies in its network, possibly rolling these out as an "opt in" service for customers.
Involving third-party providers of hardware, software, training and auditing will help customers improve their local defences, Swift believes. It suggests it can act as a go-between for many of these relationships – for instance, by bringing parties together at its conferences.
'Wider campaign'
Though banks and regulators have been stressing the importance of cyber risks for some time, a string of sophisticated attacks seems to have instilled a greater sense of urgency.
The Hong Kong Monetary Authority unveiled a cyber strategy with many common elements to the Swift plans earlier in May. Other central banks, including the Bank of England, are examining how to hold financial institutions to higher standards of cyber security.
A spokesperson for Payments UK, an industry body, says it operates its own cyber security team to identify threats and is helping members improve their defences. "Payments UK recognises that cyber threats now represent an academic 'wicked problem', being both complex and novel, that require a collaborative approach," he says.
New evidence in the search for the Bangladesh hackers recently linked the attack with other major cyber crimes, including, potentially, the 2014 attack on Sony and a heist on a Vietnamese commercial bank this year.
Researchers Sergei Shevchenko and Adrian Nish, writing in a blog post for BAE Systems, say the malware used in each attack seems to have a common element, implying the attacks are part of a "wider campaign", possibly by a single hacker.
A section of code, written in the same, somewhat dated, coding language appears in all three attacks. The code contains a feature to overwrite its files with random data and then delete itself, to make recovery of the information impossible. As Shevchenko noted in an earlier post, the perpetrators went to great lengths to cover their tracks and make resistance difficult.
The breadth of the attacks suggests financial firms are still vulnerable. "It is clear that the global community will continue to be targeted," Swift said.
This article originally appeared on Risk.net's sister website, Centralbanking.com.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
More on Risk management
To liquidity and beyond: new funding strategies for UK pensions and insurance
Prompted by policy shifts and macro events, pension funds and insurance firms are seeking alternative solutions around funding and liquidity
More cleared repo sponsors join Eurex ahead of cross-margining
End of TLTROs for banks and pension fund search for liquidity management tools drives uptake
Reimagining model risk management: new tools and approaches for a new era
A collaborative report by Chartis and Evalueserve on how the use of automation can combat the growing complexity of managing model risk due to regulation and market volatility
What Goldman’s appeal victory means for Fed stress tests
Decision could embolden more banks to appeal, analysts say. But others believe result is one-off
Clearing members rattled as CME approved to launch its own FCM
National Futures Association registration sharpens concerns about conflict of interest with CCP
CME files application for US Treasury and repo clearing
New entrant believes direct user access model will avoid accounting problem that hampers rival FICC
UST repo clearing: considerations for ‘done-away’ implementation
Citi’s Mariam Rafi sets out the drivers for sponsored and agent clearing of Treasury repo and reverse repo
Gensler to stick to Treasury clearing timetable
SEC chief promises to keep up the pressure for done-away trades