Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
SWIFT
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Security=== {{See also|Bangladesh Bank robbery}} In 2016 an $81 million theft from the [[Bangladesh]] central bank via its account at the New York [[Federal Reserve Bank of New York|Federal Reserve Bank]] was traced to [[Hacker (computer security)|hacker]] penetration of SWIFT's Alliance Access software, according to a ''New York Times'' report. It was not the first such attempt, the society acknowledged, and the security of the transfer system was undergoing new examination accordingly.<ref>Corkery, Michael, [https://www.nytimes.com/2016/05/01/business/dealbook/hackers-81-million-sneak-attack-on-world-banking.html "Hackers’ $81 Million Sneak Attack on World Banking"], ''The New York Times'', 30 April 2016. Retrieved 1 May 2016.</ref> Soon after the reports of the theft from the Bangladesh central bank, a second, apparently related, attack was reported to have occurred at a commercial bank in Vietnam.<ref name="Second Attack Reported NYT">{{Cite news |last=Corkery, Michael |date=12 May 2016 |title=Once Again, Thieves Enter Swift Financial Network and Steal |work=The New York Times |url=https://www.nytimes.com/2016/05/13/business/dealbook/swift-global-bank-network-attack.html |access-date=13 May 2016}}</ref><ref name="ReutersSpecialReport">{{Cite news |last1=Bergin |first1=Tom |last2=Layne |first2=Nathan |date=20 May 2016 |title=Special Report: Cyber thieves exploit banks' faith in SWIFT transfer network |work=Reuters |url=https://www.reuters.com/article/us-cyber-heist-swift-specialreport-idUSKCN0YB0DD |access-date=24 May 2016}}</ref> Both attacks involved [[malware]] written both to issue unauthorized SWIFT messages and to conceal that the messages had been sent. After the malware sent the SWIFT messages that stole the funds, it deleted the database record of the transfers and then took further steps to prevent confirmation messages from revealing the theft. In the Bangladeshi case, the confirmation messages would have appeared on a paper report; the malware altered the paper reports when they were sent to the printer. In the second case, the bank used a PDF report; the malware altered the PDF viewer to hide the transfers.<ref name="Second Attack Reported NYT" /> In May 2016, [[Banco del Austro]] (BDA) in Ecuador sued [[Wells Fargo]] after Wells Fargo honoured $12 million in fund transfer requests that had been placed by thieves.<ref name="ReutersSpecialReport" /> In this case, the thieves sent SWIFT messages that resembled recently cancelled transfer requests from BDA, with slightly altered amounts; the reports do not detail how the thieves gained access to send the SWIFT messages. BDA asserts that Wells Fargo should have detected the suspicious SWIFT messages, which were placed outside of normal BDA working hours and were of an unusual size. Wells Fargo claims that BDA is responsible for the loss, as the thieves gained access to the legitimate SWIFT credentials of a BDA employee and sent fully authenticated SWIFT messages.<ref name="ReutersSpecialReport" /> In the first half of 2016, an anonymous Ukrainian bank and others—even "dozens" that are not being made public—were variously reported to have been "compromised" through the SWIFT network and to have lost money.<ref>{{Cite web |last=Metzger |first=Max |date=28 June 2016 |title=SWIFT robbers swoop on Ukrainian bank |url=http://www.scmagazineuk.com/swift-robbers-swoop-on-ukrainian-bank/article/506140/ |access-date=29 June 2016 |publisher=[[SC Magazine]] UK}}</ref> In March 2022, Swiss newspaper ''[[Neue Zürcher Zeitung]]'' reported about the increased security precautions by the State Police of [[Thurgau]] at the SWIFT data centre in [[Diessenhofen]]. After most of the Russian banks had been excluded from the private payment system, the risk of sabotage was considered higher. Inhabitants of the town described the large complex as a "fortress" or "prison" where frequent security checks of the fenced property are conducted.<ref>Gyr, Marcel (1 March 2022). [https://www.nzz.ch/schweiz/das-swift-rechenzentrum-in-der-schweiz-wird-polizeilich-geschuetzt-aus-angst-vor-sabotage-ld.1672402?reduced=true "Das Swift-Rechenzentrum in der Schweiz wird polizeilich geschützt – wegen der Gefahr von Sabotage"] (in German) ''NZZ.com''. Retrieved 2 March 2022.</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)