SWIFT: Even more banks have been targeted by cyber thieves

"The Bangladesh fraud is not an isolated incident," admits SWIFT CEO Gottfried Leibbrandt

Attacks on banks' payment systems by cyber thieves are more widespread than feared, SWIFT CEO Gottfried Leibbrandt will admit today at a banking conference in Brussels.

It follows a warning earlier this month from SWIFT, the global inter-banking payments system, to expect more attacks targeting its technology.

"The Bangladesh fraud is not an isolated incident: we are aware of at least two, but possibly more, other cases where fraudsters used the same modus operandi, albeit without the spectacular amounts," Leibbrandt is expected to say.

He will continue: "The banks were compromised, credentials to payment generation systems were obtained to send fraudulent payments and the statements/confirmations from their counterparties were obfuscated."

In addition to Bangladesh Bank, where the fraudsters made off with $81m from a total of $951m in transfers that they had attempted, Ecuadorian bank Banco del Austro claims that it lost $12m in a similar attack early last year, while Vietnam's Tien Phong Commercial Joint Stock Bank, better known as TPBank, claims to have foiled an attack in April.

Now, though, SWIFT is warning that more banks may have been targeted and has promised to introduce further security measures in a bid to detect potentially fraudulent transfers. These include pattern recognition software intended to identify suspicious behaviour. More details about SWIFT's security plans will be released on Thursday.

However, more rigorously enforced know-your-customer (KYC) procedures would also help.

In the Bangladesh Bank case, the fraudsters sought to transfer their stolen money to bogus accounts at banks in the Philippines, making off with $81m from a string of transfers totalling $951m. The transactions were interrupted after just over $100m had been transferred via Bangladesh Bank's account at the New York Federal Reserve after an elementary spelling error in the beneficiary was queried by correspondent bank Deutsche Bank. Just $20m was traced and returned.

According to BAE Systems, whose cyber security arm has been involved in the investigations, the thieves gained access to Bangladesh Bank's network via an official's compromised PC. The bank's network, too, was found to be thoroughly insecure, with an inadequate firewall between its SWIFT payment systems and the rest of its network.