back to article Finance bods SWIFT to update after Bangladesh hack

Security vendors are pushing for a more comprehensive revamp of the SWIFT international inter-bank financial transaction messaging system beyond a update prompted by an $81m hack against Bangladesh's central bank. The loss of $81m (part of an attempted $950m heist) in February’s Bangladesh cyber-heist – reckoned to be the …

  1. RIBrsiq

    What I would like... what I would really like is for someone to explain the decision process that led to that $10 switch being deployed in that environment.

    1. Anonymous Coward
      Anonymous Coward

      The real story... why did they blow the entire $10 budget on switches and not get a firewall.

    2. Ilsa Loving

      Because... well... because Bangladesh.

      I know someone who had a contract job there. Without going into details, what he witnessed of their office politics and culture, basically guarantees the non-existence of quality in what they do.

  2. Anonymous Coward
    Anonymous Coward

    Local access required

    The attackers / intruders needed to get the credentials of the user the Swift software runs under. When you get such credentials then you can use the local software. I am somewhat happy this happened at a bank and not at my favourite nuclear power station nearby.

    Anon for obvious reason.

  3. batfastad


    > Hackers lifted the Bangladesh central bank key’s


  4. Cynic_999 Silver badge

    Why the emphasis on the cost of a switch, as if cheap=insecure (and presumably expensive=secure)? The insecurity is far more likely to have been due to the topography of the network than the cost of its components. It's perfectly OK to use a $10 switch in a properly secured internal network, and I can assure you that the use of gold plated oxygen-free network cables costing £100 per metre won't do anything to make your system less likely to be hacked.

    1. Stu J

      Cheap switches usually don't have the capability to manage and monitor, and cheap second-hand switches are usually cheap because they're EoL or near as damn it - which means any vulnerabilities in the firmware won't be fixed.

      The choice of such switches at that time doesn't necessarily mean they weren't fit for purpose at that point in time, however at best it's a short-sighted approach that reflects the attitude of the morons that put them in place. More telling, however, is the lack of firewall. That's just a case of "WTF???"

  5. Adrian 4 Silver badge

    Work garb

    I thought traders had to wear suits and pink shirts. Why is the one in the pic wearing a hoodie ?

  6. Omar Smith

    Malware vector used Oracle DLL

    Well, the clear solution is to ban SWIFT and Oracle software on banking computers.

  7. Keith Glass

    I am VERY glad. . .

    . . . .that I did not get that job at SWIFT, a year ago. Of course, interviewing there, it appeared to be H1b heaven. . .

  8. RedCardinal

    I lol'd at the ludicrous photo accompanying this article. Someone's been watching too much of the Matrix methinks.... :P

  9. Uffish

    The fat lady isn't singing yet

    Seems like they have been rootling around the coffers of a bank in Belgium.

  10. Anonymous Coward
    Anonymous Coward

    Too many mis-truths here.

    A few things need cleared up. The BoB failed to secure its networks, hosts, Swift gateway infrastructure and accounts both to the gateway software itself and the server it resided on. I'm failing to see how that is the fault of SWIFT whatsoever. The update SWIFT offered on the Alliance software was to make it easier to see if an attacker had made changes, by adjusting logging. Elsewhere the downstream systems were hacked and access granted to the attackers, where they able to make money movement instruction and hide the fact due to making changes in the PDFs the company used to validate the money movement process. Again, I'm not clear how SWIFT is at fault here?

    To sum it all up? People, secure your internal networks, your SWIFT gateway infrastructure (whether you use Alliance or not), secure your gateways hosts, secure our gateway accounts. Monitor, monitor monitor, for anomalous behavior! Use next gen machine learning firewalls, network devices, and endpoint protection! Any questions?

  11. Inachu


    Hell sir my list of IP addresses show that your pc is infected with a virus and I would like to help you to clean your windows system.

    ME: Ok. Sounds great! My OS is running at the moment and its playing in my car and it hasn't crashed yet.

    They hang up.


POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019