Coincidence? Only days after Russia says it’s ready to pull the plug on SWIFT, a Russian bank gets hacked using SWIFT. Here’s the details…
from Zero Hedge
In the latest revelation about the Society for Worldwide Interbank Telecommunication’s vulnerability to hackers – who’ve stolen tens of millions of dollars from banks and central banks mostly by stealing the special private keys used to sign off on transactions – Russian authorities revealed that hackers had made off with about 340 million rubles ($6 million) during an attack carried out last year,according to Reuters.
While that’s not the largest sum ever stolen by infiltrating SWIFT (indeed it pales in comparison to the more than $80 million stolen from the Bank of Bangladesh’s reserve account at the New York Fed back in 2016) the news comes just days after Russian authorities said the country’s banking system would be ready to abandon SWIFT if the US and European Union tried to cut off its banks.
In a report about the incident, the Russian authorities said hackers had gained control of a computer at a Russian bank and used SWIFT to transfer the money to their own accounts. Of course, the bureaucrats who run SWIFT from Brussels insist that the SWIFT system itself has never been infiltrated – and that the vulnerabilities exploited by hackers are solely the responsibility of the participating institutions. The irony here is that this is the same excuse advanced by bitcoin evangelists and others who wax about the “immutable” blockchain and its security features, only to overlook that hundreds of millions of dollars in cryptocurrencies have been stolen by hackers over the past few years.
To be sure, SWIFT officials have warned that hacking attacks are becoming “increasingly prominent” after the theft of the Bangladesh funds, which disappeared after landing in accounts based in the Philippines and then Macau.
The central bank revealed that it had learned of the theft from a “SWIFT systems operator” – presumably the bank where the hack originated – which had stumbled upon the unauthorized transactions. They then used the SWIFT system to transfer money to their own accounts. What happened next isn’t entirely clear. The deputy head of the Central Bank of Russia’s security department said only that the attack was a “common-sense scheme”.
A SWIFT spokeswoman said the network offers its assistance during hacking incidents, though it’s unclear how exactly they have helped: Once the funds have been transferred outside of the banking system, they’re effectively irrecoverable. Indeed, during the Bangladesh heist – which took place over a long weekend, so as to take the money and run before their scheme is uncovered – $20 million of orders were stopped by the NY Fed’s internal controls because of certain suspicious qualities of the requests. In that incident, the hackers had somehow gained access to the Central Bank of Bangladesh’s private keys, which they used to authorize the transactions.
“When a case of potential fraud is reported to us, we offer our assistance to the affected user to help secure its environment,” said the spokeswoman, Natasha de Teran.
This isn’t the first attempt to infiltrate SWIFT via a Russian bank. Back in December, hackers tried to steal 55 million rubles (about $1 million) from Russian state-run bank Globex using the SWIFT system.
Meanwhile, in what appears to be a desperate attempt to save face, SWIFT has declined to disclose the number of attacks or identify any victims, but details on some cases have become public, including attacks on Taiwan’s Far Eastern International Bank and Nepal’s NIC Asia Bank.