Friday, May 20, 2016

Financial institutions need 'strong IT controls' following SWIFT attacks: MAS

After a series of cyber attacks on financial institutions worldwide, the Monetary Authority of Singapore says that it will continue to monitor the security landscape and provide guidance where necessary.

By Melissa Zhu
Posted 16 May 2016 17:22 Updated 16 May 2016 23:07

SINGAPORE: The Monetary Authority of Singapore (MAS) "expects financial institutions to implement strong controls in their IT systems", after recent cyber attacks using the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial messaging system.

The regulator told Channel NewsAsia on Monday (May 16) that these controls included maintaining a high level of security for critical IT systems such as SWIFT. "MAS will continue to monitor the security landscape and threats faced by the financial industry and provide guidance where necessary," a spokesperson said.

MAS' comments come in the wake of a number of cyber attacks on banks worldwide through SWIFT's system - a network that allows institutions to carry out financial transactions by sending out messages through a secured global communications network.

In February, hackers broke into the computer systems of the Bangladesh Central Bank, stealing credentials for payment transfers and using fraudulent SWIFT messages to move US$81 million out of a Federal Reserve Bank of New York account held by the Central Bank. Last Thursday, SWIFT announced that a second bank had been hit by a similar malware attack. A spokesperson said it was not immediately clear how much money, if any, was stolen from the unnamed commercial bank.

After this case, SWIFT confirmed that malicious attackers had submitted SWIFT messages from financial institutions' back-offices, PCs or workstations connected to their local interface to the SWIFT network.

It added that after hackers submitted fraudulent instructions on SWIFT by impersonating the banks' operators, they used malware to target a PDF reader application used for reports of payment confirmations, to remove traces of the fraudulent messages.

"This malware only targets the PDF reader in affected institutions’ local environments and has no impact on SWIFT’s network, interface software or core messaging services," it said.

On Sunday, Vietnam's Tien Phong Bank said it interrupted an attempted cyber heist using SWIFT messages to transfer more than 1 million euros (US$1.1 million) in funds.

SWIFT, a Belgian co-operative owned by member banks and used by 11,000 financial institutions globally, had said forensic experts believe the second case showed that the Bangladesh heist "was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks".

The chain of related attacks has put the linchpin for the financial messaging industry under intense scrutiny. The organisation has said that banks are responsible for securing computers used to send messages over its network, but a Bangladeshi government-appointed panel later blamed the cyber theft on "a number of errors" committed by the messaging network.

In a statement last Friday, SWIFT also said that "the SWIFT network, core messaging services and software have not been compromised".

"The security and integrity of our messaging services are not in question as a result of the incidents," it reiterated.

CYBER THREATS TAKEN "VERY SERIOUSLY": LOCAL BANKS

While there are no known cases of related attacks on banks in Singapore so far, financial institutions told Channel NewsAsia that they are taking cyber security "very seriously".

United Overseas Bank's managing director and head of group technology, Susan Hwee, said the bank deploys "multiple layers of security, and constantly monitors developments and enhances our systems to ensure that we manage technology risks in a systematic and consistent manner".

"The bank adheres to strict security standards which are aligned to industry best practices and regulatory guidelines to maintain a secure banking environment for all our customers," added Ms Hwee.

Mr Patrick Chew, head of operational risk management at Oversea-Chinese Banking Corporation (OCBC), likewise said the bank took a serious view on cyber threats.

"The modus operandi of cybercriminals morphs frequently. We therefore maintain a high level of vigilance over new or emerging cyber threats," he said, adding that this entails adopting a "proactive and multi-dimensional approach" that includes close monitoring, investing in IT infrastructure, regular reviews of operation processes, employee training and the issuance of advisories to customers.

OCBC also has a cyber security operations centre that monitors the bank’s IT and cyber security systems round the clock, and works closely with national agencies and industry bodies to safeguard the bank against increasingly sophisticated cyber threats, said Mr Chew.

"These collaborations allow us to constantly keep abreast of cyber security developments while facilitating collective efforts by the industry to confront and mitigate against such risks," he elaborated.

As lenders globally step up efforts to strengthen cybersecurity, Standard Chartered said it hired a new chief information security officer, former Symantec executive Cheri McGuire, on Wednesday. The bank's Singapore branch said that it has not been targeted by such cyber attacks so far.

- CNA/mz


- wong chee tat :)
