The global financial messaging system SWIFT uncovered on Tuesday some new hacking attacks on its member banks, Reuters reported Wednesday.
The disclosure came after banks were asked to comply with security procedures instituted after February's high-profile $81 million heist at Bangladesh Bank.
New cyber-attacks were detected since June, some of them successful, SWIFT said in a private letter to clients."Customers’ environments have been compromised, and subsequent attempts (were) made to send fraudulent payment instructions. The threat is persistent, adaptive and sophisticated - and it is here to stay,"
Reuters cited the letter.
It was suggested that cyber thieves specifically targeted banks with lax security procedures for SWIFT-enabled transfers.
The company also said in the letter that some victims in the new attacks lost money, but did not say how much was taken or how many of the attempted hacks succeeded. It did not identify specific victims, but said the banks varied in size and geography and used different methods for accessing SWIFT.
Since the Bangladesh heist SWIFT has repeatedly asked banks to improve their security measures, which would include stronger systems for authenticating users and updates to its software for sending and receiving messages. But a lot of institutions ignored that cautions.
The latest version of SWIFT software, which banks should install to November 19, has technology for verifying credentials of people accessing a bank's SWIFT system; stronger rules for password management; and better tools for identifying attempts to hack the software.