Monday, June 6, 2016

The CEO of SWIFT says he expects "more hacking surprises"

The executive chief of interbank messaging system SWIFT said in an interview with the British media that are expected more news about theft as those suffered recently by several banks, where confidence in the SWIFT system was compromised. The reason, according Gottfried Leibbrandt, CEO of SWIFT, is that it will take years to assemble and improve the defenses of this system.

Leibbrandt made these not much optimistic statements in the London office of the Cooperative Society for Worldwide Interbank Financial Telecommunication (SWIFT): "We do not believe that this issue will be solved in one night, although we will seek ways to improve it in the short term, with some quick moves". But the full deployment, he said, will be a matter of years".

The role of SWITF in payments between banks is based in the trust on their network. If this trust has been compromised, the whole system stops working then, when receiving a bank SWIFT message, you must be sure that it is legitimate to move the money as instructed. This confidence has been the basis of international payment system during its four decades of operation. But now we have to rebuild this trust, after the known thefts so far to a dozen banks, starting with the Central Bank of Bangladesh, where they stole 81 million dollars.

"The amounts stolen are impressive, for those amounts, to the criminals worth their while develop malicious programs tailored and put a great effort to achieve their goals", said CEO of SWIFT, who spoke for the first time to the media directly on attacks since the start of this crisis, one of the largest banking crisis in history.

However, the SWIFT cooperative insists that the core of its system of interbank messaging has not been compromised but the security breach occurred on computers that interact with the system, so that responsibilities are individual members, 11.000 institutions using the network. No SWIFT. 

However, there are indications that the SWIFT approach aimed at non-intervention in the safety of its members has proved untenable. In fact, last week Leibbrandt unveiled a five-point plan to improve the defenses of their networks, which could include a security audit of its members.

In the case if the Central Bank of Bangladesh, the Federal Reserve Bank of New York with false message SWIFT was cheated for money to accounts controlled by hackers in the Philippines is command them. These impersonaron to bank staff to send messages and installed malware attacking a PDF reader used to check messages. According to SWIFT, the machines involved are the responsibility of its members.

Leibbrandt not hesitate to broach that "there is a world before and after Bangladesh. We are facing a big problem and the industry must face it. And we want to help", he said. It has also spoken of disgruntled employees who were acting from within and have recently been expelled, which Leibbrandt not denied or said, but said: "We would be fools if we leave something out of our research and improvements".

Another point to improve, according to the CEO of SWIFT, should be the communication between members, who should abandon the reluctance to share information on cyber attacks. To Leibbrandt it is unacceptable that he had to be notify of some chapters of this great breach of security by the press and not by the members. The security and intelligence agencies are still trying to find out who is behind the attack.


Post a Comment