Back in 2016, the Bangladesh Bank’s IT system was hacked, and an attempt to illegally transfer almost USD $1 billion was made. This cyber-attack – one of the largest ever – focused on exploiting the SWIFT messaging system, with the fraudsters sending out spoof payment messages across the SWIFT network. In the end, the hackers got away with around USD $101 million, the rest being blocked by the Federal Reserve Bank of New York.
More than 30 million messages are sent across the SWIFT network every day, making the verification of payment and due diligence across parties hugely complex. And with complexity, comes room for exploitation.
But what are the risks, and how widespread are attacks? To find out how bad actors and fraudsters are targeting messaging networks, and how institutions are handling the threat, we recently conducted a survey: “How Banks are Combating Cyber Attacks on Their Payments”
Join us for a whistle-stop tour of the results – collected from 200 banks in the U.S., Europe, UK, Asia-Pacific, Scandinavia, Gulf Cooperation Council countries (GCC), and Eastern Europe (including Russia) – to uncover the true scale of SWIFT messaging fraud across the globe...
SWIFT attacks are increasing
Two-thirds of survey respondents told EastNets of increasing cyber-attacks that focused on SWIFT payments. The vast majority were hacking attacks, with over 80% of banks being targeted.
Does bank size matter?
Yes, but it’s actually the smaller institutions who’re being targeted more. 88% of smaller banks (USD$1 billion-10 billion) saw increasing cyber-attacks between 2016-2019, whereas 60% of larger banks (USD $100 billion+) reported an increase.
Criminals without borders
Cyber-criminals are cross-jurisdictional in their endeavor to commit payment fraud. EastNets researchers found that 60% of banks in the U.S. and between 81-85% of banks in Europe have been targeted by cyber-criminals attempting to exploit SWIFT payments. This figure reaches 90% in GCC countries and a staggering 100% in Asia-Pacific. Seven different hacking groups have been identified as being behind most SWIFT payment-focused attacks.
Insider attacks
The majority of cyber-attacks on financial institutions’ SWIFT Payments are cyber and external. However, of the 200 banks surveyed, 1 in 7 (14%) experienced an insider attack from an employee or contractor working at the bank. This number increased to 17% in Asia-Pacific. The implications of the insider element, whilst seemingly small in comparison to external attacks, casts a long shadow. As the report points out, an issue that may impede protective measures is from “banking leaders who believe SWIFT fraud is never committed from within.”
Why are SWIFT payments at risk?
In short: size. Advanced and persistent cyber-attacks are prevalent across all industries, but the lure of large financial payouts through SWIFT payment platform exploitation is seemingly too much to resist, as is evidenced by our report findings.
Payment messages are a honeypot for cyber-criminals. The vast network of payments and the huge number of daily transactions create a massive attack surface, which is why extra vigilance must be adhered to when using your SWIFT payment messaging protection.
The way forward
The key to preventing attacks is to thoroughly understand them. To that end, you can read our post on messaging network attack vectors and vulnerabilities here.
The most important takeaway, though, is that our survey highlights a problem: that attacks against the SWIFT payment network need to be taken more seriously than they are. Thankfully, Eastnets has the solutions your institution needs for constant protection – not just within your messaging network, but end-to-end across all your operations.
To find out more, you can explore our SWIFT products here.
By Mohammad AlKayed | Senior Information Security Engineer, Eastnets