Hackers have stolen hundreds of millions of dollars from international banks in the last two years after compromising the networks of financial institutions and then using that access to send fraudulent transactions through SWIFT, the global network banks use to transfer money between one another.
In response, SWIFT begins enforcing mandatory security controls on April 1 as part of an effort to strengthen defenses against an increasing host of hackers success in pulling off some of the biggest bank heists in history. One of the groups involved in attacks against South East Asia banks is largely thought to be controlled by North Korean intelligence.
Cybercriminal groups have launched multiple distinct sustained and successful hacking campaigns against banks around the world with the ultimate targeting being fraudulent SWIFT transactions. One industry group said Eastern European banks had lost hundreds of millions of U.S. dollars to hackers.
The first new rule is to restrict internet access and segregate SWIFT and critical systems generally from the bank’s general networks and systems. Ever since the rash of heists began in 2015, SWIFT officials have argued that the SWIFT network itself was secure. Hackers gained access only by breaking into banks that made security gaffes.
By strictly separating SWIFT from general systems, the industry-owned cooperative aims to further harden the network from attacks.
The new rules, which include 27 distinct directives, are in effect as of Saturday. The more than 11,000 customer banks of SWIFT must now provide “detailed self-attestation.” As of Jan. 1, 2018, internal and then external inspectors will begin audits of the physical and cybersecurity of banks in the SWIFT network.
SWIFT hired two major cybersecurity firms, BAE Systems and Fox-IT, in July 2016 to address the heists. Regulators in Asia, Europe and North America have expressed interest in the thefts and security controls of the banking industry as well.
“Applying these standards will raise the security bar for customers on the SWIFT network and further support customers in their efforts to prevent and detect fraudulent use of their infrastructure,” the organization said. “Implementation of these standards will also increase security awareness and education in the on-going fight against cyber-related wire fraud.”