Swift, the international settlement network which connects 11,000 global banks has likely been hacked according to a report by BAE Systems.
“An unknown attacker gained access to the Bangladesh Bank’s (BB) SWIFT payment system and reportedly instructed an American bank to transfer money from BB’s account to accounts in The Philippines.”
As part of a sophisticated attack, a malware was installed on a Swift Alliance software server to cover tracks and evade detection by manipulating the security measures.
The attackers intended to transfer almost one billion dollars from Bangladesh Bank’s account at the Federal Reserve to other banks. It appears that the intrusion was detected due to a “spelling mistake in one transfer order” according to the BBC, before the full funds could be transferred. Almost $100 million are however still unaccounted.
BAE Systems researchers state:
“This malware was written bespoke for attacking a specific victim infrastructure, but the general tools, techniques and procedures used in the attack may allow the gang to strike again… This attacker put significant effort into deleting evidence of their activities, subverting normal business processes to remain undetected and hampering the response from the victim.”
They further suggest that “All financial institutions who run SWIFT Alliance Access and similar systems should be seriously reviewing their security now to make sure they too are not exposed.”
In a press release issued today Swift stated that the “malware has no impact on SWIFT’s network or core messaging services… the malware is designed to hide the traces of fraudulent payments from customers’ local database applications and can only be installed on users’ local systems by attackers that have successfully identified and exploited weaknesses in their local security.”
Bitcoin Shows Its Superiority Over the Current Centralized Approach
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) handles millions of financial transactions a day, connecting banks in over 200 countries. It is the primary method used by banks to send payment orders and settle accounts facilitating trillions of dollars in transactions.
In a way, it performs a service no different than Bitcoin. However, rather than having many corresponding nodes and miners verifying transactions, it is centralized. Access to a Swift server, therefore, allows for manipulation of the data and potentially theft in a grand scale.
In this case, analysis of code repository uploaded from Bangladesh showed that the malware allowed the hackers to delete records and intercept incoming messages.
Moreover, they were able to intercept confirming messages sent for printing as a security measure. Sending instead “manipulated copies”, thus evading detection and potentially running away with huge sums of money.
“The main purpose is to inspect SWIFT messages for strings defined in the configuration file. From these messages, the malware can extract fields such as transfer references and SWIFT addresses to interact with the system database. These details are then used to delete specific transactions, or update transaction amounts appearing in balance reporting messages based on the amount of Convertible Currency available in specific accounts,” Sergei Shevchenko of BAE Systems said in the report.
Such manipulation would be relatively easy in a centralized database once access is gained, however it is virtually impossible in the decentralized ledger employed by Bitcoin.
Instead of one database with a centralized verification or confirmation system which can be manipulated, Bitcoin’s blockchain currently uses approximately 5,000 databases (nodes) across the globe.
Their job is to ensure that no manipulation has occurred with their results further enforced by miners which through a proof of work system confirm transactions.
Once a transaction is verified, it is as good as impossible for it to be changed. Care must however be taken to secure your private keys either through a multi signature - decentralized - wallet or by using cold storage.
The benefits of this decentralized approach are now widely recognised with almost all global banks looking to employ the blockchain in their own systems.
Including Swift, which late last year announced a global payment initiative focusing on developing a blockchain roadmap.
As the vulnerability of the centralized approach has now clearly been shown in contrast to Bitcoin’s database which has never been hacked by an individual, such initiatives may have added a sense of urgency so as to restore trust in the current global financial clearing system.