BBC reports second major bank cyber-attack following Bangladesh raid
It’s been another eventful few months for high profile cybercrime. In the wake of last year’s very public TalkTalk hack, SWIFT (Society for Worldwide Interbank Financial Telecommunication) has this year reported not one, but two instances of devastating cyber-attacks that have targeted high profile organisations in the commercial banking sector.
Back in February, a cyber-attack aimed at stealing cash from Bangladesh’s central bank’s account at New York’s Federal Reserve was reported to have cost the organisation in the region of $81m (or £56m). In the investigation that followed, the extent of this attack was largely attributed to the central bank network’s lack of adequate security controls – including the fact that it had no functioning firewall, and that it was connecting to global financial networks using second-hand $10 internet routers.
Given the circumstances, it is incredibly fortunate that the bank’s total loss was in the region of millions, rather than the 1 billion dollars that the cyber-thieves were allegedly out to steal. It was later revealed that a simple spelling mistake in one of the transfer orders was what had alerted staff to the attack, and stopped much of the money going astray.
However, to think that cyber criminals are only out to target financial institutions whose systems are clearly substandard would be a grave misconception. Last week, SWIFT reported a second attack that targeted a commercial bank in a similar manner. Although SWIFT and the wider media have not yet revealed the organisation in question – or indeed whether any money has actually been taken – SWIFT did report that the techniques employed in this attack bore a remarkable resemblance to those used in the February attack on the Bangladesh central bank. What this shows us is that these attacks are not isolated in nature, but rather what SWIFT called “part of a wider and highly adaptive campaign targeting banks” that exhibit a “deep and sophisticated knowledge of specific operational controls.”
“We are all vulnerable, regardless of role or seniority. An effective way of managing this risk is via a good cyber awareness programme that promotes good cyber behaviours and teaches all staff about their role in maintaining the cyber resilience of the company.”
–Mark Logsdon, AXELOS Cyber Security
As the growing prevalence of cyber-attacks such as these proves, cyber resilience rightly remains a hot topic for financial institutions. Mark Logsdon from our Cyber Security training partner, AXELOS, says: “The details of these high profile attacks remain subject to speculation; however, they appear to be very similar to that carried out on Sumitomo Mitsui Banking Corporation (SMBC) in London back in 2005. In that attack, criminals sought to create a series of SWIFT money transfer orders with an estimated value of £220M. Similar to these recent attacks, they were only foiled by a combination of a vigilant member of staff and a simple error in the transfer order.
“An effective and consistent controls environment is key to preventing cyber-attacks”, he continues, “including those that are far less sophisticated than this one. This includes technology, process and, critically, people-based controls. We know that over 90% of all cyber-attacks start with the unwitting action of a member of staff, i.e. they click on a link, open up an attachment contained in an email or innocently provide a critical piece of information to an attacker. The impact on the company or on us individually can be devastating.”
AXELOS is a joint venture between the UK Government (Cabinet Office) and Capita plc. It owns and develops global best practice, including ITIL, PRINCE2 and RESILIA, used by millions of users in thousands of organisations around the world. Find out how Unicorn can help safeguard your entire organisation with our RESILIA cyber awareness learning here – brought to you through our partnership with AXELOS.
Alternatively, read more about Cyber Crime at the BBC website here.