Login Subscribe
 

Login

  Username
  Password
    Remember Me
   
 

Not a subscriber/registered visitor?

The Asian Banker website offers registered readers and subscribers a wide range of valuable research and analysis on the financial services industry.

All visitors must register to gain access. Access to selected news, research and our regular e-newsletters is free for up to 5 days from the time they are posted. Detailed research content and archieves are accessible only to paying subscribers.

If you wish to review our data subscription packages for full access to all data and research, please find the subscription options here.
   

Press Release
Published April 16, 2017
View complete press releases list

US government "monitored bank transfers"

Date: April 16, 2017
Categories: riskregulation, Risk and Regulation, Security, technology
Keywords: US, NSA, SWIFT, bank transfers


A huge range of security weaknesses, said to be worth more than $2m (£1.6m) if sold on the black market, have been leaked online by a hacking group.The tools are said to have been created by the US National Security Agency.

Accompanying documents appear to indicate it was able to monitor money flows among some Middle East and Latin American banks.

It apparently did this by gaining access to two service bureaus of the Swift global banking system.

Such a hack could have enabled the US to covertly monitor financial transactions, researchers said.

The files were released by Shadow Brokers, a hacking group that has previously leaked malware.

If genuine, it represents perhaps the most significant exposure of the US agency's files since the Edward Snowden leaks in 2013.

On Twitter, Mr Snowden described it as the "Mother Of All Exploits" - a reference to a bomb recently used by the US military in Afghanistan.

Multiple experts have said this latest "data dump" is credible - though the institutions implicated have dismissed the claims, or refused to comment.

Swift, which is headquartered in Belgium, said: "We have no evidence to suggest that there has ever been any unauthorised access to our network or messaging services."

The BBC is not able to verify the authenticity of the files - and the NSA has not commented on the leak.

Swift was successfully targeted by hackers last year when criminals stole $81m from the Bangladeshi central bank.

Watching the Middle East
Swift is a network that allows global banks to move money around the world.

In the Swift network, smaller banks often make use of service bureaus to handle transactions on their behalf. Documents included in the leak suggest at least one major bureau, EastNets, may have been compromised.

"If you hack the service bureau, it means that you also have access to all of their clients, all of the banks," said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, speaking to Reuters.

Headquartered in Dubai, EastNets has clients in Kuwait, Dubai, Bahrain, Jordan, Yemen and Qatar. Spreadsheets published by Shadow Brokers appeared to list banks that had been breached with "implants" - secret data-gathering software.

Cris Thomas, a security researcher with Tenable, said analysis of the leaked files suggested the US government had the capability "to monitor, if not disrupt, financial transactions to terrorists groups".

In a statement on Friday, EastNets strongly denied the claims.

"The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded," a spokesperson said.

"The EastNets Network Internal Security Unit has run a complete check of its servers and found no hacker compromise or any vulnerabilities.

"The photos shown on Twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013."

Windows threat
The files contained several "zero day" exploits - vulnerabilities that were previously unknown to the companies that create the software, or the security community at large.

The zero-days targeted Windows machines, though researchers said none in the cache would be effective against the latest version, Windows 10.

That said, multiple experts said the sheer number of zero days released at the same time was unprecedented. One researcher, speaking to Vice, said the exploits would have been worth more than $2m if sold privately.

In January, a Twitter account believed to be run by the group announced an auction of the exploits, but it appears the group did not find any buyers. The NSA is now facing criticism for not sharing details of the exploits with Microsoft once it became clear the tools were in the hands of a hacking group.

Microsoft said in a statement to the BBC that it was "reviewing the report and will take the necessary actions to protect our customers".

Re-disseminated by The Asian Banker from BBC

Add a new comment:




Allowed tags: <b><i><br>



Comments (0)