$81M Digital bank heist may not be the last

(Reuters) The cyber-attackers who stole approximate $81 million from the Bangladesh central bank probably hacked into software from the SWIFT financial platform that is at the heart of the global financial system, said security researchers at British defense contractor BAE Systems.

Further, the BAE Analysts say that the hackers were only 2-bytes away from stealing a staggering $951 million! Even though these hackers made a 2-byte typo, their take at even $81M is still the worlds largest digital bank heist by a long margin.

SWIFT is a cooperative owned by 3,000 financial institutions and it confirmed to Reuters that it was aware of a strain of malware that had targeting its client software. SWIFT’s spokeswoman Natasha Deteran said they would release on Monday a software update to thwart the malware, along with a special warning for financial institutions to scrutinize their security procedures.

The new developments now coming to light in the unprecedented cyber-heist suggest that an essential lynchpin of the global financial system could be more vulnerable than previously understood to hacking attacks, due to the vulnerabilities that enabled attackers to modify SWIFT’s client software.

CNN Money is similarly commenting that the original heist was as large as $101 Million dollars.

SWIFT said Monday that its network and core messaging services had not been compromised. Furthermore, they suggest that hackers would need to exploit local security systems in the systems using the SWIFT solutions, and that the hack would be localized to that system.

We understand that the malware is designed to hide the traces of fraudulent payments from customers’ local database applications and can only be installed on users’ local systems by attackers that have successfully identified and exploited weaknesses in their local security.

We have developed a facility to assist customers in enhancing their security and to spot inconsistencies in their local database records, however the key defence against such attack scenarios remains for users to implement appropriate security measures in their local environments to safeguard their systems – in particular those used to access SWIFT – against such potential security threats. Such protections should be implemented by users to prevent the injection of malware into, or any misappropriation of, their interfaces and other core systems.

SWIFT is making customers aware of the new facility through its ongoing Security Campaign.

Nevertheless, a system running the software and hacked is open for fraudulent transfers of millions of billions of dollars.