SWIFT was established in 1973 by a consortium of international banks. S.W.I.F.T. stands for Society for Worldwide Interbank Financial Telecommunication. Its goal was to transfer standardized financial messages between different financial actors in the banking sector. (SWIFT website)
The SWIFT Institute developed into a pivotal electronic postal service for the financial industry. The global SWIFT network nowadays carries tens of millions of messages per day, or a few billion messages per year. Half of the traffic consists of traditional payment messages. The network is made up of nearly a hundred thousand users in more than two hundred countries.
SWIFT has a monopoly position in international financial transactions. Most international transactions in the regular banking sector go through the SWIFT network and SWIFT servers. The two main big data operation centers (BDOC) are located in the Netherlands and Virginia, USA. As a security control and to prevent data breach or loss, every message is processed simultaneously on both continents and saved for 124 days. The network is well regulated, secured and controlled.
SWIFT is a non-profit cooperative society based in Belgium and governed by Belgian law. SWIFT is vital to the global financial and banking system, since a breakdown of the SWIFT network would entail the collapse of the entire modern financial system worldwide. The National Bank of Belgium acts as the lead overseer. The oversight of SWIFT is based on a dialogue of good faith and mutual trust.
Because SWIFT carries global banking and financial transactions, it holds information that is valuable to government agencies. Tapping into SWIFT would give many intelligence agencies valuable information about the sponsoring of criminal and terrorist groups. After the 1998 US embassy bombings in Nairobi, the CIA and the US Treasury (UST) approached SWIFT demanding access to its network. At that time SWIFT refused to cooperate with them for the following reasons: (1) US authorities can obtain the relevant data more efficiently through the emitting or recipient bank. (2) SWIFT did not have the technical capacity to perform forensic searches in its network. (3) The event occurred over a period longer than 124 days, and SWIFT servers store messages for only 124 days.
In 2001, shortly after 9/11, the legal strategy prevailed, and within weeks after 9/11, the secret “Terrorist Financing Tracking Program” (TFTP).
The program works as follows: the Office of Foreign Assets Control (OFAC), which is part of the Treasury Department, issues subpoenas to the SWIFT data processing center in the US. These subpoenas define which messages SWIFT has to transfer to the Treasury Department. The selected messages are then copied from the SWIFT server in the US and transferred to the UST, where they are searched for predetermined names and accounts.
SWIFT acknowledged that the first searches were conducted on the entire SWIFT database; US Treasury officials say that nowadays “less than one percent” of global SWIFT traffic is searched.
The Bangladesh Bank robbery is also known as the Bangladesh Bank cyber heist. In February 2016, thirty-five fraudulent SWIFT transaction messages were issued by hackers via the SWIFT network to illegally transfer close to $1 billion USD from the account belonging to Bangladesh Bank at the Federal Reserve Bank of New York.
Five of those 35 fraudulent messages succeeded in transferring $101 million USD, with $20 million traced to Sri Lanka and $81 million to the Philippines.
The Federal Reserve Bank of New York blocked the remaining thirty transactions, amounting to $850 million, due to suspicions raised by misspelled notifications on SWIFT messages. All the money transferred to Sri Lanka has since been recovered. However, as of 2018 only around $18 million of the $81 million transferred to the Philippines has been recovered. Most of the money was transferred to four personal accounts held by single individuals. It was later suspected that Dridex malware was used for this attack.
The Federal Reserve Bank of New York has been blamed for failing to notice warning signs early enough due to worrying weaknesses and disarray at its Central Bank and International Account Services (CBIAS) unit. It was found that the Federal Reserve Bank of New York lacked a system for detecting possible fraud in real time, although other banks around the world used such a system.
Instead, the Federal Reserve Bank of New York relied on random checks only after payments were made.
Nearly one year before the robbery, the Governor of Bangladesh Bank had foreseen cyber security vulnerabilities and had hired a foreign cyber security firm to bolster the firewall, network and overall cyber security of the bank. However, due to multiple bureaucratic hurdles and a delay in the commencement of financing for this activity, the cyber security firm could not start its operations in Bangladesh until after the cyber heist.
The SWIFT Customer Security Controls Framework describes a set of mandatory and advisory security controls for SWIFT customers.
The mandatory security controls establish a security baseline for the entire financial community and must be implemented by all users on their local SWIFT infrastructure.
SWIFT has chosen to prioritize these mandatory controls to set a realistic goal for near-term, tangible security gain and risk reduction. Advisory controls are based on good practice that SWIFT recommends users implement, including real-time solutions. Over time, mandatory controls may change due to the evolving threat landscape, and the advisory controls that SWIFT recommends, or MSSP SOC servicing, may become mandatory.
SWIFT program policy controls are articulated around three overarching objectives:
(1) Secure your Environment, (2) Know and Limit Access, (3) Detect and Respond.
Those controls have been developed based on SWIFT's analysis of cyber threat intelligence. The control definitions are also intended to be in line with existing information security industry standards.
Our recommendation is to implement financial regulations within your organization, such as COBIT regulation, ISO or others. We at CyberCUBE Mongolia have the experience and the knowledge to assimilate and execute COBIT compliance and other regulations.
All financial and banking users need to confirm full compliance with the SWIFT mandatory security controls by 31 December 2018. SWIFT has published the new Customer Security Controls Framework (CSCF) v2019, which provides additional guidance and clarification. The changes include promoting three advisory controls to mandatory and adding two new advisory controls.
To execute and fully comply with the SWIFT CSCF v2019 policy program, you should have a consulting company help you plan and budget any action required on your part. Attesting compliance against the CSCF v2019 will be mandatory by the end of 2019.
The SWIFT Customer Security Controls Framework Detailed Description is available on the SWIFT website. We know SWIFT. We have fraud solution systems, and the CyberCUBE Mongolia expert compliance team knows how to walk you through the process. Contact us.