Home World Business Hackers release files indicating NSA monitored global bank transfers

Hackers release files indicating NSA monitored global bank transfers

1
0
SHARE

The documents and files were released by a group calling themselves The Shadow Brokers

released documents and files on Friday that cybersecurity experts said indicated the U.S.


National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some West Asian and Latin American banks.


The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.


The documents and files were released by a group calling themselves Some of the records bear seals, but Reuters could not confirm their authenticity.


The could not immediately be reached for comment.


Shook said criminal could use the information released on Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank.


“The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” Shook said.


The SWIFT messaging system is used by banks to transfer trillions of dollars each day. Belgium-based SWIFT downplayed the risk of attacks employing the code released by on Friday.


SWIFT said it regularly releases security updates and instructs client banks on how to handle known threats.


“We mandate that all customers apply the security updates within specified times,” SWIFT said in a statement.


SWIFT said it had no evidence that the main SWIFT network had ever been accessed without authorisation.


It was possible that the local messaging systems of some SWIFT client banks had been breached, SWIFT said in a statement, which did not specifically mention the


When cyberthieves robbed the Bangladesh Bank last year, they compromised that bank’s local SWIFT network to order money transfers from its account at the New York Federal Reserve.


The documents released by on Friday indicate that the may have accessed the SWIFT network through service bureaus. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network’s smaller clients, and may send or receive messages regarding money transfers on their behalf.


“If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to files.


The documents posted by include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.


“That’s information you can only get if you compromise the system,” he said.


Cris Thomas, a prominent security researcher with the cybersecurity firm Tenable, said the documents and files released by show “the has been able to compromise SWIFT banking systems, presumably as a way to monitor, if not disrupt, financial transactions to terrorists groups”.

Hackers release files indicating NSA monitored global bank transfers

The documents and files were released by a group calling themselves The Shadow Brokers

The documents and files were released by a group calling themselves The Shadow Brokers

released documents and files on Friday that cybersecurity experts said indicated the U.S.


National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some West Asian and Latin American banks.


The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.


The documents and files were released by a group calling themselves Some of the records bear seals, but Reuters could not confirm their authenticity.


The could not immediately be reached for comment.


Shook said criminal could use the information released on Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank.


“The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” Shook said.


The SWIFT messaging system is used by banks to transfer trillions of dollars each day. Belgium-based SWIFT downplayed the risk of attacks employing the code released by on Friday.


SWIFT said it regularly releases security updates and instructs client banks on how to handle known threats.


“We mandate that all customers apply the security updates within specified times,” SWIFT said in a statement.


SWIFT said it had no evidence that the main SWIFT network had ever been accessed without authorisation.


It was possible that the local messaging systems of some SWIFT client banks had been breached, SWIFT said in a statement, which did not specifically mention the


When cyberthieves robbed the Bangladesh Bank last year, they compromised that bank’s local SWIFT network to order money transfers from its account at the New York Federal Reserve.


The documents released by on Friday indicate that the may have accessed the SWIFT network through service bureaus. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network’s smaller clients, and may send or receive messages regarding money transfers on their behalf.


“If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to files.


The documents posted by include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.


“That’s information you can only get if you compromise the system,” he said.


Cris Thomas, a prominent security researcher with the cybersecurity firm Tenable, said the documents and files released by show “the has been able to compromise SWIFT banking systems, presumably as a way to monitor, if not disrupt, financial transactions to terrorists groups”.

image

Clare Baldwin | Reuters

Business Standard

http://bsmedia.business-standard.com/_media/bs/wap/images/bs_logo_amp.png 177 22

LEAVE A REPLY

Please enter your comment!
Please enter your name here