Swift creates anomaly alerts following cyberattacks

The company said Tuesday it was developing customer alerts displaying a snapshot of a day’s activity and any unusual messaging patterns detected by Swift.

The move follows cyberattacks on Swift customers in Bangladesh, Ecuador, Vietnam and other locations. Swift, whose formal name is the Society for Worldwide Interbank Financial Telecommunication, has said its core messaging platform was unaffected and that it is up to users to maintain the security of their own systems.

Even so, Swift launched a customer security programme in early summer and has been urging banks to be more forthcoming with information about any attacks so it can keep the Swift community apprised of threats and regulators informed of its responses.

The “daily validation reports” will be available in December under a voluntary registration programme for customers, said Swift spokeswoman Natasha de Teran, supplementing existing fraud control tools.

She said pricing hasn’t been finalised, but the idea was to make it as accessible as possible for smaller institutions. “Our focus is to improve security, not to derive profit,” she said.

The alerts will be sent through a channel that is separate from the customer’s payments and compliance channels to help ensure reliability even if hackers have gained control of a bank’s operations or disabled certain functions to cover their tracks.

Each alert will contain two features: a statement of the day’s transaction messaging activity and a risk report of any orders of unusual size, new or unusual payees, combinations of payment parties, or other anomalies, put together by Swift from its own logs of a customer’s message history.

Stephen Gilderdale, head of the customer security programme at Swift, said a hallmark of recent hackings has been the perpetrators’ ability to conceal their activity. In February, hackers tried to steal nearly $ 1 billion from the Bangladesh central bank’s account at the Federal Reserve Bank of New York and walked away with $ 81 million, in part because of clever timing and an elaborate way of obfuscating the heist.

The Swift spokeswoman said recipient banks wouldn’t receive copies of the customer alerts with which to verify potentially fraudulent incoming traffic, and it would be up to customers to review their alerts and call attention to any problems.

Swift’s system authenticates senders and recipients by validating that certain codes and formatting are in place, and fields are completed with appropriate information, but the messaging provider doesn’t look inside the messages its customers send.

In July, Swift hired a pair of information security firms to help it scrutinise customers’ use of its systems and detect attempted hackings.

Meanwhile, a committee of central bankers is moving to create a global framework of responsibilities for cybersecurity standards between payment infrastructure providers like Swift and correspondent banks.

“Recent incidents of cyber fraud are of significant concern for the central banking community, and we are working to make sure there are adequate checks and balances in place at each stage of the payments process,” the European Central Bank’s Benoît Coeuré, who is chairman of the Committee of Payments and Market Infrastructures, said Friday.

Write to Katy Burne at katy.burne@wsj.com

This story was first published on The Wall Street Journal.

More from Trading & Technology

Let’s block ads! (Why?)

Trading & Technology – Financial News Online

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *