When you think of payments scams, you tend to think first about cryptocurrency or bitcoin and not a compromise of the international banking system’s Society for Worldwide Interbank Financial Telecommunication or SWIFT network.
The Malaysian central bank narrowly avoided a serious payments cyberattack by hackers attempting to steal money by wire transfers on the SWIFT network.
Bank Negara Malaysia said the hackers failed to steal funds, but the fraudsters were not caught by authorities. Malaysia’s central bank supervises 45 commercial banks in the country.
Bangladesh lost $81 million in 2016
The SWIFT network was also used in a successful $81 million theft from Bangladesh Bank in 2016 and the theft of $12 million from Ecuador’s Banco del Austro in 2015. Earlier this year, $6 million was stolen from the Russian Central Bank.
“You thwarted an attack but you didn’t actually catch the hackers,” said Tom Kellermann, a former member of the World Bank security team. “That adversary is still out there attempting to exploit the system,” Reuters reported.
SWIFT secure but still vulnerable
Every day, more than 10,000 international banks and financial institutions use SWIFT to securely send as many as 24 million messages mostly to send and receive information such as money transfer instructions.
According to Investopedia, “Nearly 50 percent of SWIFT traffic is still for payment-based messages, but 43 percent now concern security transactions, and the remaining traffic flows to treasury transactions.”
Who uses SWIFT?
SWIFT is used by banks as well as other organizations, including trading houses, securities firms, asset management firms, clearinghouses, depositories, corporations, foreign exchange and money brokers.
While considered among the most secure financial networks in the world, it is not invulnerable as recent sophisticated scammers have proven.
SWIFT may soon see growing competition from Ripple and other fintech and blockchain ledger systems now in development and expected to shake up the financial world in the next five years.
In the meantime, hackers continue their relentless efforts to defraud financial institutions and consumers, and each are forced to keep up continuous improvement in security systems.