With the proliferation of data breaches in the past few years at an all-time high, banking institutions are being warned by SWIFT, a global financial messaging system, to comply with recently suggested security procedures to end sophisticated attacks. The stern warning comes after February's appalling $81 million heist at Bangladesh Bank.
Data breaches are at an all-time high and hackers are discovering new methods of attack almost daily. Banking institutions remain to be at the top of the list for cybercrooks to attack and eventually heist data that ultimately ends up costing banks and its consumers millions of dollars.
The attack on the Bangladesh Central Bank is one of the many examples of a banking infrastructure lacking the proper security to thwart attacks. Apparently, the environments that customers utilize to access banks have been compromised where attackers are exploiting such vulnerabilities like never before.
In a recent disclosure from SWIFT, the financial messaging company suggests that cybercrooks have heightened their efforts to target banks that have inadequate security procedures. The disclosure covers banks that utilize SWIFT's transfers, which is a big enough scope to gather the gist of banking activities and definitive proof of them being attacked. SWIFT has outlined that the banking institutions identified to be victimized by attacks vary in size, location, and use of their methods for accessing SWIFT services.
In the findings by SWIFT, the banks that succumb to attacks have a commonality of having weak security procedures that ultimately allow computer users who use SWIFT to send messages in requests for large sums of money are easier to hack. The Bangladesh police looked into the details of February's attack and found that many of the banks that allowed infiltration lacked proper firewalls and used second-hand electronic switches for their network connecting their internal computers. Such a practice is a big mistake and evidence of banks failing to implement the proper security measures to prevent attacks.
After the Bangladesh heist, SWIFT has consistently warned banks through a steady push to use new security measures that include using a stronger system for authentication of users and updates to all software used. The difficulty for SWIFT to enforce their suggestions to banks ensues leaving them with the choice to report banks that do not comply with regulators and banking partners. For now, SWIFT set a looming November 19, 2016, deadline date for installing the latest version of their software. Those who perform the software updates will benefit from new security features for verifying credentials and tools to help identify hacking attempts.
The priority of implementing the necessary security features and safeguards within banking institutions should be paramount. Unfortunately, many banks have put off updating their security infrastructure and as a result, have suffered from past cyber-attacks.
The countless cases of banking security remaining to be lackadaisical have also prompted European and US regulators to urge banks to improve their cybersecurity. SWIFT continues to be one of few entities that are vigilant in the quest to reduce fraudulent banking activity, which includes putting a stop to cyberattacks that end up costing institutions and consumers money in the end.
SWIFT's recent warnings and letters dispatched to clients have undoubtedly prompted many institutions and regulators to enforce actions to improve upon banking security vulnerabilities around the world. Hopefully, the message remains to spread and doesn't get lost in translation among banks that are scrambling to find the necessary resources for improving their cybersecurity infrastructure.