In his keynote address at the European Financial Services Conference in Brussels yesterday (May 24), Leibbrandt talked about the Bangladesh incident as “a big deal” that “gets to the heart of banking”, and responded to concerns regarding the financial messaging provider’s cybersecurity.
In answer to two questions that have been raised by the media in recent weeks, namely “isn’t Swift in the middle of all this?” and “what is Swift going to do about it?” he replied: “Swift, our network, software and our core messaging services have not been compromised. In Bangladesh and the other cases, the thieves compromised the IT environment and worked their way to the bank systems where the Swift instructions are generated and the confirmations received. And while we (and other providers) give tools and software to our customers, our customers run these in their own environment and need to keep them secure. We cannot secure our customers’ environments and cannot assume responsibility for that.”
“At the same time, we play a crucial role in the global payments system, and the events form a direct threat for that system. We therefore very much want to be part of the solution. We think we can be and we have to be,” he added
As a response to the increasing cyber threat, Leibbrandt announced Swift’s five-part Customer Security Programme to reinforce the security of the global financial system. The plan includes initiatives to: improve information sharing among the global financial community; harden security requirements for customer-managed software to better protect their local environments; enhance Swift’s guidelines and develop security audit frameworks for customers; support banks’ increased use of payment pattern controls to identify suspicious behaviour; and introduce certification requirements for third-party providers.
The programme will be officially launched later this week. The focus on increasing security requirements for third-party providers derives directly from the recent attacks, including the one on Vietnam’s TP Bank, which targeted the bank’s PDF reader.
There will be more cyber-attacks. And inevitably some will be successful. Gottfried Leibbrandt, Swift
Ryan Stolte, chief technical officer at cybersecurity software provider Bay Dynamics, tells GTR: “Attackers definitely follow the path of least resistance. The financial services community has good defences and requires higher levels of authentication and trust, but they’ll often put in trust systems that provide credentials directly through their suppliers. Somewhere between 20 and 25% of all the actual users on a big company or bank’s network don’t actually work for them – they are third-party suppliers.”
Swift’s CEO also called for more innovation in the cybersecurity space, pointing out that the key to technology-enabled crime is technology itself, namely pattern recognition, monitoring, anomaly detection, authentication and biometrics.
“The financial industry, as a community, has to be clear that cyber risk is big; there will be more cyber-attacks. And inevitably some will be successful. Acknowledging this doesn’t mean we are resigned to it. Rather, it means that we must work even harder at our collective defensive efforts,” Leibbrandt added.
The number and frequency of cyber-attacks in the financial industry seems to be increasing weekly, and the urgency of the situation is being felt throughout the sector. Just last week, Hong Kong-based cryptocurrency exchange platform Gatecoin was hacked, with the equivalent of US$2mn in bitcoin and ethere stolen from the company’s “hot wallets”. According to Gatecoin, the breach resulted in the loss of 15% of its crypto-asset deposits.
The platform is now closed until cybersecurity firm Tehtri Security concludes the forensic investigation and ensures systems can be moved to a “new, clean, thoroughly tested, and monitored infrastructure”, Gatecoin says in a statement.