SWIFT, the global financial messaging system, on Tuesday disclosed new hacking attacks on its member banks as it pressured them to comply with security procedures instituted after February’s high-profile $81 million (62 million pounds) heist at Bangladesh Bank.
In a private letter to clients, SWIFT said that new cyber-theft attempts – some of them successful – have surfaced since June, when it last updated customers on a string of attacks discovered after the attack on the Bangladesh central bank.
“Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions,” according to a copy of the letter reviewed by Reuters. “The threat is persistent, adaptive and sophisticated – and it is here to stay.”
The disclosure suggests that cyber thieves may have ramped up their efforts following the Bangladesh Bank heist, and that they specifically targeted banks with lax security procedures for SWIFT-enabled transfers.
The Brussels-based firm, a member-owned cooperative, indicated in Tuesday’s letter that some victims in the new attacks lost money, but did not say how much was taken or how many of the attempted hacks succeeded. It did not identify specific victims, but said the banks varied in size and geography and used different methods for accessing SWIFT.
A SWIFT spokeswoman declined to elaborate on the recently uncovered incidents or the security issues detailed in the letter, saying the firm does not discuss affairs of specific customers.
the theft of more than $12 million from Ecuador’s Banco del Austro and a failed attempt later in 2015 to steal money from Vietnam’s Tien Phong Bank.
The attacks have prompted regulators globally to press banks to bolster defences.
The Bank of England in April ordered UK firms to detail actions to secure computers connected to the SWIFT system, while the European Banking Authority in May said domestic authorities should stress test banks for cyber risks.
The Federal Reserve and other U.S. agencies told banks in June to review protections against fraudulent money transfers.
Six U.S. senators on Monday urged the G20 nations to agree when they meet at a summit this weekend on a “coordinated strategy to combat cyber-crime at critical financial institutions.”
(Reporting by Jim Finkle in Boston. Additional reporting by Jonathan Spicer in New York.; Editing by Brian Thevenot.)