Foiled cyber heist in Malaysia reveals ongoing security challenges

Foiled cyber heist in Malaysia reveals ongoing security challenges

FORUM staff

A thwarted cyber heist at Malaysia’s central bank reveals nagging vulnerabilities in a widely used messaging network for wire transfers, experts said.

Bank Negara Malaysia didn’t lose money in the March 2018 attempted heist, which involved falsified wire-transfer requests over the SWIFT bank messaging network, Reuters reported. A similar hack in 2016 resulted in the loss of U.S. $81 million from Bangladesh Bank.

Cyber criminals have been exploiting the SWIFT platform, which stands for the Society for Worldwide Interbank Financial Telecommunication.

India’s City Union Bank reported in February 2018 that someone made unauthorized transfers of nearly U.S. $2 million by hacking the SWIFT system, according to Gulf News, an English-language newspaper in the United Arab Emirates. The private lender said it discovered three fraudulent transactions that were sent to accounts in China, Dubai and Turkey. N. Kamakodi, the bank’s chief executive officer, described the heist as an international conspiracy.

“This is basically a cyber attack by international cyber criminals,” he said.

Cyber thieves also targeted a Russian bank in late 2017. Hackers stole U.S. $6 million by accessing the SWIFT messaging system, the Russian central bank reported. A central bank spokesman said hackers took control of a computer at a Russian bank and used the SWIFT system to transfer money to their own accounts, Reuters reported.

In Malaysia, Bank Negara would not say who was behind the hack or how they accessed the bank’s servers. The renewed targeting of a central bank, however, will likely spur institutions worldwide to review their cyber defenses, experts said. “You thwarted an attack, but you didn’t actually catch the hackers,” said Tom Kellermann, a former member of the World Bank security team, according to Reuters. “That adversary is still out there attempting to exploit the system.”

A Bangladesh Bank official said the incident in Malaysia shows that cyber thieves are growing in sophistication.

“After the attack on our central bank, SWIFT took several measures to protect the system globally, but yet this is happening, meaning criminals have more ability and more capable weapons,” Abu Hena Mohd. Razee Hassan, deputy governor of Bangladesh Bank, told Reuters. “So, this is the time to further improve the financial transfer system globally.”

SWIFT has said in the past that its central network has never been hacked, but terminals within banks used to access the network have been compromised. SWIFT declined to comment on the cases known to the public, which include attacks on Taiwan’s Far Eastern International Bank and Nepal’s NIC Asia Bank.

In Taiwan, financial regulators fined the bank due to deficiencies in its cyber security. Hackers in October 2017 attempted to steal about U.S. $60 million. The funds were initially stolen, although the bank recovered all but about U.S. $500,000 by late 2017, Reuters reported.

In Nepal, the NIC Asia Bank reported that cyber criminals hacked its SWIFT server in October 2017, making about U.S. $4.4 million in illegal transfers, according to The bank, which is in the capital city of Kathmandu, also recovered most of the money. The theft was the Himalayan nation’s first reported cyber heist.