In the wake of recent cyber security heists of tens of millions of dollars via a global financial messaging system, the cooperative that manages the system on Monday said it has hired Britain’s BAE Systems and the Dutch firm Fox-IT to provide cyber security services and expertise.
The values of the contracts were not disclosed.
The Society for Worldwide Interbank Financial Telecommunications (SWIFT) said the contracted services and its in-house cyber security experts will work with its newly created Customer Security Intelligence team to support the Belgium-based cooperative’s customer information sharing initiative and bolster cyber security across the SWIFT community.
SWIFT is owned by its global members who consist of banking and securities organizations and enables them to communicate securely through standardized financial messages to facilitate global and local financial transactions.
SWIFT said the information sharing initiative includes intelligence and analysis of the operating methods of recent “customer fraud cases” and it “has published an inventory of malware used in attacks as well as indicators of compromise (IoC) that [it] has developed to assist other customers in detecting threats in their operating environments.”
Craig Young, SWIFT’s chief technology officer, said in a statement that “Customer intelligence, including intelligence related to attacks that have ultimately failed, is crucial to helping us continue protecting our community. Information we have already received from impacted banks has allowed us to identify new malware and to publish related IoCs which are helping to protect the wider community.”
“SWIFT operates on a high security maturity level and we will be working closely together both supporting their cyber forensics analysis work, as well as helping them share anonymised information with the community,” Menno van der Marel, CEO of Fox-IT, said in a statement.
In March it was reported that cyber thieves used stolen credentials from the Bank of Bangladesh to transfer $81 million from the bank’s account with the New York Federal Reserve Bank and transferred the funds via the SWIFT messaging system to fraudulent accounts in the Philippines and Sri Lanka.
The cyber heist prompted Sen. Tom Carper (D-Del.), ranking member of the Senate Homeland Security and Governmental Affairs Committee, to request information from the New York Federal Reserve and SWIFT on actions they are taking or protect banks around the world from cyber threats.