US warns banks of hacking threat to Swift system

The statement came two weeks after the Federal Bureau of Investigations sent a notice cautioning US banks after the hacking of Bangladesh’s central bank.

The FBI message warned of a “malicious cyber group” that had already targeted foreign banks, reports The BBC.

In February, hackers stole $81m (£56m) from Bangladesh’s account with the Federal Reserve Bank of New York.

The hackers used the Bangladesh central bank’s Swift credentials to transfer money to accounts in the Philippines. Swift is the system banks use to exchange messages and transfer requests.

The hackers attempted to steal nearly $1bn, but several of their requests were rejected because of irregularities.

The Federal Financial Institutions Examination Council (FFIEC) – a group of US banking regulators- issued a statement encouraging banks to check their Swift connections.

The council said that following recent attacks banks should “actively manage the risks associated with interbank messaging and wholesale payment networks”.

It warned that unauthorised transactions may subject the originating bank to losses and compliance breaches.

Failures in both the Bangladesh central bank system and the Swift system have been blamed for the February hacking.

The FBI sent its warning to US banks on 23 May, telling them to pay particular attention to potentially fraudulent international transfer requests.

“The actors have exploited vulnerabilities in the internal environments of the banks and initiated unauthorised monetary transfers over an international payment messaging system,” the alert said.

The Bureau said it would not comment on these alerts, but a spokesman added: “The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations. This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals.”