Sat, Nov 23, 2024 | Jumada al-Awwal 21, 1446 | DXB ktweather icon0°C

US warns banks on cyber threat

Top Stories

Similar cases later came to light including a $12 million theft from Banco del Austro in Ecuador, an attack on Vietnam’s Tien Phong Bank and one on an unidentified victim in the Philippines.

Similar cases later came to light including a $12 million theft from Banco del Austro in Ecuador, an attack on Vietnam's Tien Phong Bank and one on an unidentified victim in the Philippines.

US regulators on Tuesday told banks to review cyber-security protections against fraudulent money transfers in the wake of revelations that a hacking group used such messages to steal $81 million from the Bangladesh central bank.
The notice from the Fed and other financial regulators came two weeks after the US Federal Bureau of Investigation privately urged banks to look for signs of possible cyber attacks. That report asked them to hunt for technical clues that they have been targeted by the same group, according to a notification seen on Tuesday by Reuters.
The warnings suggest that US government and law enforcement agencies are concerned that recent attacks on banks in emerging-market economies could lead to losses for big US firms that rely on the so-called Swift (Society for Worldwide Interbank Financial Telecommunication) fund-transfer network, which serves as the backbone of international finance.
Concerns about cyber threats to banks have grown since Bangladesh Bank disclosed its heist in March. Similar cases later came to light including an earlier $12 million theft from Banco del Austro in Ecuador, an attack on Vietnam's Tien Phong Bank and one on an unidentified victim in the Philippines.
Dan Guido, a former member of the security team for the US Federal Reserve System, said he expects the hacker group will launch more attacks.
"There is a hacker group out there that is polished and practiced. They know when they target a bank, they get in and get out and the attack will work," said Guido, chief executive of cyber-security firm Trail of Bits. The Federal Financial Institutions Examination Council, or FFIEC, said banks should review risk-management practices and controls over payment systems networks, including authentication, authorisation, fraud detection and response management.
The group did not issue new cyber security rules, but highlighted existing guidelines. It warned banks that they could suffer financial losses from cyber attacks involving wire fraud and also be scrutinised by regulators to determine whether they are complying with security regulations.
The FFIEC's members include the US central bank, the Federal Deposit Insurance Corporation and the Comptroller of the Currency.
The FBI's warning, which provided technical information about the recent attacks, said a "malicious cyber group" had compromised the networks of multiple foreign banks.
"The actors have exploited vulnerabilities in the internal environments of the banks and initiated unauthorised monetary transfers over an international payment messaging system," the bureau said in a May 23 alert. The report, which did not identify specific victims, asks recipients to call the FBI if they find any of the technical indicators mentioned in the bulletin or have other "related information."
An FBI spokeswoman declined to elaborate on the notification.
Bank security experts said that the FFIEC's letter would have little impact.

Published: Wed 8 Jun 2016, 12:00 AM

Updated: Wed 8 Jun 2016, 10:41 PM

  • By
  • - Reuters


Next Story