A series of spectacular cyber attacks against banks, resulting in the theft of tens of millions of dollars, has heightened fears for an industry becoming an increasingly attractive target for hackers.
Banks in Bangladesh, the Philippines, Vietnam and Ecuador have been victimized over the past year in the attacks on the global interbank service known as SWIFT, and some analysts expect more attacks to become public.
After news of the $81 million heist from Bangladesh's central bank became public in May, SWIFT said the incident was "not a single occurrence, but part of a wider and highly adaptive campaign targeting banks."
Since then, officials said banks have also been hit in the Philippines and Vietnam.
Meanwhile Ecuador's Banco del Austro claimed in a lawsuit that hackers made off with more than $9 million through fraudulent SWIFT transfer requests.
Cyber security specialists say these attacks are likely just the tip of the iceberg, and expect more revelations.
"Cyber criminals are no longer targeting grandmothers at home for small amounts, but going directly where the money is," said Juan Andres Guerrero-Saade, a researcher with the security firm Kaspersky.
Guerrero-Saade said it's not clear where the attacks are coming from, but that the hackers are using techniques similar to those developed for cyber espionage.
"I don't think this implies it's nation-states, it's more of an evolution," the analyst said. "It's criminal actors taking on some of those techniques."
Kaspersky researchers last year uncovered a hacker group which targeted banks in Eastern Europe, estimating losses totaling up to $1 billion.
Dan Guido, cofounder of the security firm Trail of Bits and hacker-in-residence at New York University's engineering school, said the recent security breaches are not surprising.
"I didn't think it would take this long," Guido said.
"There are a large number of attacks like this possible if someone has the resources to do it."
Guido said a relatively small team of determined hackers could carry out the kind of hacks that went through SWIFT, or the Society for Worldwide Interbank Financial Telecommunication, a Brussels-based network which is used by more than 11,000 financial institutions in 200 countries.
More aggressive security
The blame, Guido said, rests squarely with SWIFT for failing to bolster its software or require more secure hardware.
"It's clearly within their control to have prevented incidents like this," Guido said.
"They could have had more aggressive security requirements, they could have had protective hardware."
On July 11, SWIFT announced it had hired cyber security firms BAE Systems and Fox-IT while creating its own security intelligence team in an effort to thwart attacks.
In the United States, concerns have been raised among officials, industry leaders and lawmakers about potential threats to banks from hackers.
Data breaches in the past affected some tens of millions of JPMorgan Chase customers, and accounts from financial giant Morgan Stanley. And a congressional report in June found "major data breaches" at the Federal Deposit Insurance Corporation.
Senator Tom Carper last month asked the Department of Homeland Security for a briefing for an investigation into vulnerabilities of the US financial system.
The American Bankers Association in July joined with other financial and security organizations to warn of possible risks.
"While recent events targeted national financial institutions with access to a global payment network, financial institutions should assess the risk of all critical systems to ensure appropriate controls are in place," said the warning, calling for a series of new controls and safeguards against cyber attacks.
Doing reconnaissance
Christiaan Beek of Intel's McAfee Labs said the hackers that targeted SWIFT were well organized and resourceful.
"We can see that the attackers have done their reconnaissance properly and may have used an insider to get the details they needed to prepare their attack," Beek said in a blog post.
"The attackers have a very good understanding of the SWIFT messaging system and how to manipulate the system to prevent the detection of their fraudulent attempts of transferring the money."
Researchers at the security firm Symantec concluded that malware used in the bank hacks shared code with that used in the massive 2014 cyber attack against Sony Pictures.
Guido said it is entirely plausible that US banks could face similar attacks.
"I don't see why it can't happen here," he said.
"There are a lot of smaller banks that don't have expertise and guidance to protect their interconnections."
Guerrero-Saade said a key part of staying ahead of hackers is sharing information about threats to enable security solutions, since many companies fear disclosure would hurt their business.
"Sadly most companies don't tend to be very forward looking, they think that if they don't sound the bell themselves no one will find out," he said.
"It's much better for us to get ahead of this as an international community."
AFP
Sun Jul 24 2016
A series of cyber attacks against banks has heightened fears for an industry becoming an increasingly attractive target for hackers.
Millions in Cuba still without power as major outage persists
Millions of Cubans remain without electricity because of a prolonged outage at the main power plants on the island, Anadolu Agency reported.
Surge in Gaza violence increases famine risk, monitor says
About 1.84 million people across the besieged Palestinian enclave are living through high levels of acute food insecurity.
Israel pounds Beirut and Gaza after rockets hit Israel's north
A drone was launched at Prime Minister Benjamin Netanyahu's holiday home.
Elon Musk promises to award $1 mil each day to a signer of his petition
He awarded a $1 million check to an attendee of his event in Pennsylvania aimed at rallying supporters behind Donald Trump.
Former special forces commander Prabowo to take up Indonesian presidency
Indonesia's Prabowo Subianto will take over as president of the world's third-largest democracy after sweeping the country's election with policies like free meals for school children
Father of Malaysian Islamic banking, Abdul Halim Ismail passes away
His dedication and pioneering spirit played an important role in shaping the journey of Bank Islam as well as leaving a lasting impact on the development of Malaysia's Islamic finance industry.
Zayn Malik postpones US tour dates after One Direction bandmate Liam Payne's death
Payne, 31, died on Wednesday after falling from a third-floor hotel room balcony in Buenos Aires, shocking fans of the boy band.
Why voters in a handful of swing states will decide the US presidential election
The contest will almost certainly be decided by just tens of thousands of voters a tiny fraction of the populace in a handful of states.
INSIGHT - Sudan's war risks 'lost generation' of children
A devastating crisis is unfolding in Sudan, where the most vulnerable members of society children are bearing the brunt of the violence.
Who is Prabowo Subianto, incoming president of Indonesia?
A wealthy ex-general with ties to Indonesia's popular outgoing president and its dictatorial past, looks set to be its next leader.
Trump says he would impose tariffs on China if China went into Taiwan
Republican presidential candidate Donald Trump said he would impose additional tariffs on China if China were to "go into Taiwan,"
Iran's supreme leader says Hamas leader's death will not halt 'Axis of Resistance'
The "Axis of Resistance", built up with years of Iranian support, includes Hamas, the Lebanese Hezbollah group, the Houthi movement in Yemen, and various Shi'ite groups in Iraq and Syria.
Putin says Russia willing to seek compromises between Iran and Israel
Russia is ready to help seek compromises between arch-foes Israel and Iran, President Vladimir Putin said on Friday, saying these would be difficult but possible.
What proposals will Russia push at the BRICS summit?
The proposal is also to establish a BRICS reinsurance company to allow uninterrupted shipment of goods and key commodities between members.
Indonesia's free meals plan in the spotlight as Prabowo readies for office
Prabowo calls the programme one of the main drivers of economic growth, eventually set to add an estimated 2.5 million jobs.
Astro AWANI's revamped English news website, AWANI International, launches on Oct 21
Astro AWANI's revamped English platform delivers in-depth global news and expert analysis to keep you informed on key developments.
Israeli strikes kill 33 people in Jabalia refugee camp in Gaza, medics say
Residents of Jabalia said Israeli tanks had reached the heart of the camp after pushing through suburbs and residential districts.
Liam Payne's ex-partner calls for media restraint after 'painful' death
Cheryl Tweedy used her statement to urge the media to remember they had a seven-year-old son, Bear, who could read the reports.
Analysts: Indonesia's strong MoF leadership team to boost investor confidence
Sri Mulyani Indrawati as head of Indonesia's Ministry of Finance is expected to instil confidence among investors.
Biden offers both a carrot and a stick to Israel as his term nears an end
Israel has frequently resisted US advice and has caused political difficulties for the Biden administration.