SWIFT has announced it will soon be launching a new security program that will help banks better protect themselves against digital threats in the wake of some high-profile bank heists.
The Society for Worldwide Interbank Financial Telecommunications (SWIFT), through which banks send one another payment instructions, is launching the program in response to the recent Bangladesh Bank heist.
Back in February, a group of attackers used malware to modify SWIFT's Alliance Access software and gain access to a database at the Bangladesh Bank. From there, they sent out a series of fraudulent SWIFT messages requesting that the Bank move close to one billion dollars to banks in the Philippines and Sri Lanka.
Several routing banks and the New York Federal Reserve put a stop to most of those fraudulent transfers, though four requests totaling $81 million made it through to the Philippines.
The Bangladesh Bank is currently working to retrieve its lost monies.
In the meantime, reports have surfaced of a Vietnamese bank that experienced an incident similar to the Bangladesh Bank heist where attackers used malware to target SWIFT's Alliance Access software.
The society's intended plan will consist of five points: improving information sharing, hardening security requirements for consumer-managed software, introducing certification requirements for third-party providers, improving members' ability to identify fraudulent transactions, and developing security audit frameworks.
"SWIFT will continue to notify you as soon as possible of any cases of malware known to us so that you can better target your preventative and detective efforts in your local environment," the society said in a statement Friday, as quoted by ZDNet. "We will also continue to share best practices to help all our users improve their security as we have been doing very proactively over recent months. We are currently working to further reinforce our support to customers in securing their access to the SWIFT network; we are receiving feedback from the relevant board committee and overseers in the coming days and will be sharing plans with the wider community."
Chief executive for the society Gottfried Leibbrandt intends to defend SWIFT at a financial services conference in Brussels. There, he will explain how the new security program is intended to address user failures that allegedly caused the Bangladesh Bank heist.
Some critics in the financial services industry remain critical of SWIFT, however, and believe the society should do more to audit clients and cut off members who do not invest enough in security.
News of this plan follows on the heels of the Bank of England's request that all UK banks update their information security measures to align with recommendations set forth by SWIFT.