Daily Management Review

Is SWIFT really safe?


05/03/2017


The Society for Worldwide Interbank Financial Telecommunications (SWIFT) is experiencing a "midlife crisis". Nowadays, the international interbank system serves as a basis for most payment services in more than 11 thousand organizations, including banks and corporations, in 200 countries. Recently, the system has experienced several cyberattacks, so the administration came to think about how to protect SWIFT from hackers.



pixabay
pixabay
After the events of September 11, 2001, the CIA and the US Treasury got access to the financial information of the SWIFT network in order to track possible financial transactions of terrorists. After The New York Times, The Wall Street Journal and Los Angeles Times published information about this back in 2006, the SWIFT society was severely criticized for insufficient protection of client data. Subsequently, the administration of SWIFT announced beginning of transfer of the entire system’s architecture into a distributed mode with a two-zone model of storing all messages passing through it.

All messages sent via SWIFT are stored in one of three data centers - in the US, the Netherlands and Switzerland, tells The Wall Street Journal. There is also a fourth data center, whose location is known only to top-managers of the SWIFT. However, succession of recent cyber-attacks has questioned safety of the SWIFT. The network’s management insists that the platform’s core has not been compromised.

In recent years, the risk of cyber-attacks has increased, and the banking system has begun to include smaller institutions with weak protection. Last year, users and the industry’s players criticized SWIFT by for failing to properly strengthen the security system.

The SWIFT is trying to restore its reputation after cyber attackers stole millions of dollars from banks. In particular, the central bank of Bangladesh lost $ 81 million in the last year when hackers began sending instructions to the Federal Reserve Bank of New York on the transfer of funds to Asia.

The system’s authentication process is aimed at verifying that the information about the sender and receiver is consistent. Yet, if hackers acquire user data, the SWIFT can skip unauthorized translations. Thus, the SWIFT says that the weak link in the chain is not a platform, but banks themselves. SWIFT’s Executive Director Gottfried Leibbrandt introduced a rather resonant report last year, saying that banks with weak cyber protection will be disconnected from the global network of the international payment system.

In order to continue to cooperate with the SWIFT, banks must protect their systems from hackers with reliable programs. The SWIFT system was not hacked in all cases of money theft, but hackers got access to the data collection and transmission system using credentials of customers and malicious software to hide their tracks.

Chairman of SWIFT, Yawar Shah called to pay close attention to growing danger of hacker attacks on banks and banking systems. He urged financial institutions to strengthen security measures, and noted that hackers have improved methods of hacking local banking systems. There is now a new tactic, involving use of software that allows access to technical support of users' computers.

Recently the SWIFT representatives said they will offer customers a service to study the schemes for sending users messages and identify suspicious recipients and unusual amounts of payments. This tool is aimed at detecting fraudulent messages.

Clients of banks will be able to integrate this service directly into their SWIFT streams, which, in turn, will help to detect suspicious activity. Initially, the new service will be aimed at small financial institutions and central banks, which are struggling to comply with strict security rules. Cost of the service for customers has not been disclosed.

The system will flag unauthorized payment messages and examine patterns of transactions, and then develop individual profiles of message traffic based on characteristics of the business activity, the country and the currency in which the transactions are made.

As part of the SWIFT monitoring, the National Bank of Belgium holds meetings with the system’s management at least twice a year. These meetings address issues arising in the course of supervision, make recommendations and suggestions for improving the work. The US Federal Reserve also actively monitors the activities of the SWIFT and timely reports on cyberattacks.

Representatives of the SWIFT are reporting on the measures taken and further plans to implement the supervising authority’s instructions. It should be noted that implementation of supervision procedures does not frees the SWIFT from its responsibility for ensuring safe and reliable operation of the system, all its products and services.

source: wsj.com






Science & Technology

A City Is Can Be Converted To A Living Organism, Showcases China’s Huawei

Workers Would Be Helped To Lift More By These Robotic Vests

British Parliament to assess impact of e-cigarettes

Wind energy will provide 30% of Europe's needs by 2030

A Major Platform For Artificial Intelligence Is Its Mobile Devices: Apple

Rumor: Apple will release a budget version of iPhoneX

With China Set To Dominate, 1 Billion Could Be Using 5G By 2023

Deutsche Telekom unveils next gen 5G mobile antennas in Europe

Diamonds are now the new gold

Expert Body Says Driving In A Driverless Car In An Inebriated Condition Or On Drugs Should Be Legalized

World Politics

World & Politics

Japan demands to lift embargo on food from Fukushima

Bernard Arnault clarifies on Le Monde’s “Paradise Paper” report

South Korea and the U.S. present a united front against the North Korean leadership

Europe is preparing an alternative to NATO

Ten smartest cities in the world

Parties of Germany seek a common ground to create a coalition

Special counsel Robert Mueller’s Russian probe could see its first arrest today

Losing Steam Is North Korea’s Relationship With China – The Former’s Sole Ally