SWIFT Discloses New Cyber-Heists, Urges Banks to Boost Security Measures by Maritza Santillan.
From the post:
SWIFT, the messaging network used by financial institutions to complete transactions, announced on Tuesday it has discovered new cyber-theft attempts against its member banks.
According to a report by Reuters, the company sent out a private letter to global clients, warning that new cyber-heists have occurred since June this year.
“Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions,” read a copy of the letter, which was obtained by Reuters.
…
Furthermore, SWIFT announced it plans to suspend banks with poor security practices. In the letter, the firm notified banks they must install the latest version of its software by November 19, or they could be reported to regulators and banking partners.
…
The source for the “suspend banks,” said SWIFT was considering all its options so I would not take that threat very seriously.
One doubts a majority of its members could survive a garden variety SQLi attack on one or more of their locations. That won’t get you to SWIFT but its a good gauge of how serious security is, or rather isn’t, taken by your local bank.
Start hacking on the current version of the SWIFT software as some banks will upgrade by the November 19, 2016 target date.
Like the man says, it’s where the money is.