Reuters has reported that SWIFT has disclosed new hacking attacks on member banks. Some of the attacks have been successful, resulting in losses to financial institutions.
Here are some insights from Dick Bussiere, Technical Director APAC, Tenable Network Security, in case you’re following this story.
“The SWIFT cyberattacks have been so successful because of the interconnectivity between international banks. Networks are only as secure as their weakest link. U.S. banking regulations don’t apply in Bangladesh, Thailand, or any other countries which may have a potentially substandard regulatory environment. Meaning, if a U.S. bank, with relatively strong cybersecurity practices, is connected to a Thai bank with little cybersecurity, then the Thai bank becomes the weak link in the chain, and the likely vector for compromise.
“To overcome the risks posed by this interconnectivity, banking regulations need to be established by the banks themselves, on top of those established by governments, to ensure that every bank that connects to an interbank network follows minimum security standards. These interbank connections must also be continuously monitored for vulnerabilities and indications of compromise.
“At a very basic level, maintaining good cyber hygiene is important in thwarting these types of attacks. This means continuously monitoring all IT environments for indications of compromise. Doing so will ensure banks can detect compromises before damage can be done. It will also identify security weak points, or gaps in the network, allowing banks to make the necessary corrections to mitigate those weaknesses.
“The financial industry as a whole needs to adopt the mindset that “this network will be breached.” With this attitude, financial institutions will audit their networks for vulnerabilities on a regular basis, and will tightly monitor them for indications of compromise.”