Swift, which has about 11,000 bank members, said yesterday that it hadordered clients usingits Alliance Access interface software to install amandatory upgrade after attackers“successfully compromised the banks’ ownenvironments” in order to send messages.
Meanwhile, FireEye a cyber security group hired for the probe in Dhaka,said that it had“observed activity in other financial services organisations that islikely by the same threat actorbehind the cyber attack on Bangladesh Bank”.
The FireEye statement, which one person in the cyber security sectorsaid amounted to awarning of a criminal “campaign” targeting banks, followedan admission by Swift on Mondaythat it was aware of malicious softwaredesigned to prevent banks spotting fraudulenttransactions.
Swift is a global messaging network used by banks and other financialfirms across the worldto send payment instructions and has become a vital partof the global financial architecture.
“Central banks have been looking at cyber crime, first at their bankingsector and more recentlywith regard to their own websites,” said Nick Carver,publisher of Central Banking Publications. “But real-time gross settlementsystems and Swift are in a different league. Swift is the nervoussystem ofinternational payments. So central banks will be very concerned by thesefindings.”
“各国央行一直在关注网络犯罪,最初把目光投向其国内的银行业,近来又开始关注自己的网站,”《央行杂志》(Central Banking Publications)出版人尼克•卡佛(Nick Carver)表示。“但是,实时全额结算系统和SWIFT处在一个不同的层面。SWIFT是国际支付的神经系统。因此,这些发现将让各国央行非常担忧。”
In an audacious weekend raid that sent tremors through the world’s banks, thehackers sent 35fake orders from Bangladesh Bank via Swift to the central bank’s account atthe Federal Reservein New York.
在一个周末发起的震撼全球银行业的大胆攻击中,黑客假冒孟加拉国央行,通过SWIFT向这家央行在纽约联储(New York Fed)开设的账户发送了35个假指令。
The transfers totalled $951m, although the thieves made off with only$81m. They were sent infour batches to accounts in the Philippines after oneSri Lanka order was questioned by asuspicious correspondent bank and the NewYork Fed decided for undisclosed reasons not toprocess the other 30 orders.
On Monday the threat research blog of BAE Systems said that it believedthat it had identifiedcustom malware, malicious software, linked to theBangladesh heist.
It appeared to be part of an attack “toolkit”and wouldbe used to cover the attackers’tracks asthey sent forged payment instructions.
BAE researcher Sergei Shevchenko said the malware registered itself as aservice and operatedin an environment running Swift’s AllianceAccess software suite, allowing transactions to bedeleted and records changed.
BAE研究员谢尔盖•舍甫琴科(SergeiShevchenko)表示,该恶意软件把自己登记为一个服务,在运行SWIFT的Alliance Access软件包的环境中活动,使交易可被删除,记录可被变更。