https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Technologies


Why SWIFTs Days are Numbered and Whats Next

Why SWIFT’s Days are Numbered, and What’s Next

  • Written by Mike Baker
  • January 3, 2017
For many years, industry-specific technologies such as SWIFT enjoyed “security through obscurity,” but modern cyber criminals are more skilled, well-funded, and determined than ever.

Editor's note: This article references the Society for Worldwide Interbank Financial Telecommunications, which bears no relationship to "Swift Systems," a Maryland MSP of a similar name.

 

The CEO of SWIFT, a secure messaging system used by financial institutions, is scrambling to salvage the reputation of the decades-old network after several very high-profile hacks – but it may be too little, too late. 

SWIFT’s problems began in February, when the Central Bank of Bangladesh lost approximately $81 million after hackers used malware to steal the bank’s login credentials to the SWIFT system and used them to make several money transfers from the bank’s account at the Federal Reserve in New York to accounts in the Philippines and Sri Lanka.

In the immediate aftermath of the Bangladesh hack, several other banks, most located in Southeast Asia, reported hacks that may have involved the SWIFT system.

Then, in late June, a bank in Ukraine reported losing $10 million to a similar hack. Ukrainian officials have alleged that dozens more banks in Russia and Ukraine may have been victimized.

Since the SWIFT attacks involved banks in a number of countries, each with its own reporting rules, the problem may be far more widespread than reported. To date, the attacks have been confined to banks located outside the U.S., but the Bangladeshi breach originated at the bank’s account at the New York Fed, prompting the U.S. House of Representatives to launch an investigation into SWIFT and its customer banks.

What is SWIFT?

Created in 1974 as a more secure, less error-prone, and faster alternative to Telex messages, “SWIFT” stands for the Society for Worldwide Interbank Financial Telecommunications.

Although it plays a crucial role in international money transfers, it does not actually move money.

Instead, it provides a secure messaging network for financial institutions to transmit information and instructions using a standardized system of codes, which allows banks in different countries to communicate with each other. 

While hackers used SWIFT messaging to send the fraudulent money transfer requests, the SWIFT system itself was not breached, a point that the organization has emphasized since the attacks surfaced.

Hackers have not been able to intercept or alter messages others have sent through SWIFT.

Instead, hackers used malware to break into the end-user banks’ systems, remotely accessed their SWIFT terminals, and used them to send legitimate-looking but fraudulent messages.

In response to the hacks, SWIFT has promised to implement stronger security practices on its own end, including developing a behavioral analysis system like the ones used by credit card companies to identify suspicious card activity.

However, because the hacks originated in its end-user banks’ systems, SWIFT has also gone on the defensive, demanding that its customers implement stronger security procedures and even indicating that it may bar banks with inadequate security practices from using its network.

SWIFT is not wrong in calling for its user base to take on a share of the responsibility for information security; a system is only as secure as the organization that uses it, and the organization is only as secure as its employees.

However, there are serious questions as to whether the hacked banks – largely small institutions located in developing nations – have the monetary or human resources to implement adequate information security procedures.

Many security experts are asking why SWIFT and its customer banks did not address information security years ago, especially in light of the explosion in cyber crime over the past decade.

The methods the hackers used to compromise the banks’ systems were sophisticated in their execution, but they were not new, and the vulnerabilities at the end-user level have been an open secret for years.

Whether SWIFT can recover from the recent hacks remains to be seen.

However, SWIFT’s decades-long near-monopoly of its niche market means that it will probably take years for any serious competitor to emerge, and even when one does, it will face the same information security challenges. 

What Banks Can Do to Protect Themselves Right Now

The SWIFT attacks involved hackers using stolen login credentials, possibly obtained using spear-phishing or other social engineering techniques.

Banks must ensure that their employees undergo continuous training on cyber security awareness and best practices, including how to spot phishing emails and the importance of using strong passwords that are changed on a regular basis and never shared with anyone.

However, employee training is not enough. People make mistakes, and malicious insiders who purposefully violate the rules will always be an issue.

Banks must also implement technological defenses to augment the “human factor” in their cyber security plans, such as:

  • Giving employees sufficient system access to do their jobs, and no more. Access to a bank’s SWIFT terminals should be limited only to a small, select group of employees. User access levels should be reviewed on a regular basis. If an employee no longer needs to access a particular system to do their job, their access should be revoked.
  • Increasing the monitoring of high-level and privileged user accounts, such as those used to access SWIFT systems. Behavioral analysis can establish baseline user patterns and alert security personnel to deviations, such as logging in from an unusual location or attempting to access parts of the system to which an employee does not have access.
  • Establishing appropriate security levels for different types of transactions. Multi-factor authentication and additional verification should be required for sensitive or high-value transactions.
  • Establishing dedicated, 24/7 security operations centers (SOCs) to monitor systems and respond to incidents. Many banks do not have the resources to staff and maintain an SOC on their own, which is why they partner with a managed security services provider (MSSP). In addition to providing security expertise that may not be available in-house, MSSPs have the specialized hardware and software needed to operate a 24/7 SOC, monitor an organization’s entire network, immediately investigate unusual activity and respond to incidents.

 

While the hackers behind the SWIFT attacks used relatively common methods and tools, the attacks were clearly highly coordinated and meticulously planned.

The hackers were intimately familiar with the internal procedures of both the banks and SWIFT itself, indicating that they spent quite some time studying their targets before launching their attack.

For many years, industry-specific technologies such as SWIFT enjoyed some level of “security through obscurity,” but modern cyber criminals are more skilled, well-funded, and determined than ever, and the internet has made even the most obscure systems transparent.

“Security through obscurity” can no longer be banked on.

 

Mike Baker is founder and Principal at Mosaic451, a bespoke cybersecurity service provider and consultancy with specific expertise in building, operating and defending some of the most highly-secure networks in North America.

Tags: Agents Cloud Service Providers MSPs VARs/SIs Technologies

Most Recent


  • the software patching problem - solved
    The Software Patching Problem - Solved
    Organizations are struggling to keep up with the pace of software security patches and updates, making automation essential.
  • Making Waves
    7 Channel People Making Waves This Week at Pax8, Canalys, Microsoft, Splunk, More
    Over 100,000 unfilled jobs for IT professionals have been eliminated.
  • Public Cloud Spending Is Slowing: AWS, Google Cloud Sales Down (Not Out)
    The numbers mesh closely with Microsoft’s Intelligent Cloud results, indicating industry-wide pullbacks.
  • Collin Ellis at Zero Trust World 2023
    Zero Trust World 2023: A Deep Dive Into the Dark Web, ThreatLocker Gold Partner Awards
    Cybercriminals will steal data just to prove someone has bad security.

One comment

  1. Avatar Mrs. Arlene Duncan-Brown January 10, 2017 @ 9:32 pm
    Reply

    Does swift inform you that
    Does swift inform you that you have to pay taxes on money that you are entitled to from a settlement before it can be transferred to you . Sale of a timeshare is involved and taxes on the sale have already been paid,a suit against the company for lack of communication with the seller resulted in the seller being awarded some money and today I was informed that I have to pay taxes up front on this money.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Paying ransomware
    Feds Seize Most of Ransom Paid in Colonial Pipeline Ransomware Attack
  • Certified, certifications
    Expanded Nvidia Certification Program Includes Its DPUs, Arm Systems
  • IPO
    6 Things to Know About the Upcoming SentinelOne IPO
  • Acquisition fish eating little fish
    Deloitte Joins Cloud Cybersecurity Craze with CloudQuest Purchase

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

7 Channel People Making Waves This Week at Pax8, Canalys, Microsoft, Splunk, More

February 3, 2023

Post-TBI Acquisition, Partners Weigh the Future of AppDirect, TSDs

February 3, 2023

Juniper Networks Shows ‘Swagger’ with Ambitious Growth Strategy

February 3, 2023

Industry Perspectives

View all

The Software Patching Problem – Solved

February 3, 2023

How to Break Through the Growth Ceiling

February 1, 2023

5 Things to Look for in a UC Partner

January 31, 2023

Webinars

View all

Next-Generation MSP Platform: The Building Blocks for Your Business

February 15, 2023

How To Boost Your Business With White-Label UCaaS

February 28, 2023

Security Secrets of the MSP 501: How to Be a Cyber Leader in 2023

December 15, 2022
  • 1

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 117: Cato Networks, Video Killed the Podcast Stars

Retired Astronaut Capt. Scott Kelly Previews His CP Expo Keynote

December 21, 2022

Fusion Connect Eyes Future with Intrado UC, Managed Network Customers

September 23, 2022

RingCentral Focused on Hybrid Work, Microsoft Teams, Other Integrations

September 23, 2022

Twitter

ChannelFutures

Channel people making waves include: @RobTRae, @vasujakkal, @ReneeIMCloud, @garylsteele dlvr.it/ShvjQ3 https://t.co/yz09flzXvV

February 3, 2023
ChannelFutures

The slowdown in #publiccloud spending is real and it’s arrived at #AWSCloud and #GoogleCloud.… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

#ZTW23: @ThreatLocker Gold Partners announced, deep dive into the dark web. dlvr.it/ShvFGF https://t.co/k68BfzLToq

February 3, 2023
ChannelFutures

Channel Partner Success Story: Forerunner Technologies - Learn how @NEC UNIVERGE BLUE Cloud Solutions enabled… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

Partners and suppliers weighed in on the AppDirect-TBI acquisition and its implications for the channel.… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

Read about @coxbusiness' acquisition of @Logicworks. dlvr.it/Shty4t https://t.co/3MaKai6SVr

February 3, 2023
ChannelFutures

Where in the world are the top MSPs?? Take a look at the infographic breakdown of 2022 #MSP501 winners by region >>… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

.@SovosCompliance offers tips for how and when to revamp #partnerplans. dlvr.it/ShtDgv https://t.co/vPzajXnjee

February 3, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X