Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

G7 Boost Banking Cybersecurity as New SWIFT Threat Emerges

The G7 group of leading economies laid out a new framework for battling the hacking of financial institutions Tuesday as a new threat using the SWIFT interbank network emerged.

The G7 group of leading economies laid out a new framework for battling the hacking of financial institutions Tuesday as a new threat using the SWIFT interbank network emerged.

Reacting to a rise in hacking incidents that have robbed banks of everything from client databases to hundreds of millions of dollars, the G7 group issued a set of principles for banks to implement cybersecurity programs.

“The recent incident involving the SWIFT network and other cyberattacks really underscore the imperative for robust cyber security throughout the global financial sector,” said US Treasury Deputy Secretary Sarah Bloom Raskin.

“These threats have not destabilized the financial sector but they threaten to destabilize it,” she said.

Raskin is co-chair of the Cyber Expert Group of the G7 — the United States, Canada, France, Germany, Italy, Japan, and the United Kingdom.

The two-page “Fundamental Elements of Cybersecurity” outlines the building blocks of an effective risk-based bank program to defend itself and the broader financial system from cyber threats.

The guidelines are aimed at public and private sector financial institution board members and top management to use for shaping and assessing their company’s cyber strategy.

The stunning theft earlier this year of $81 million from Bangladesh’s central bank drew attention to the vulnerabilities of financial sector institutions to cyber threats, especially those using the SWIFT worldwide network for interbank transfers.

Advertisement. Scroll to continue reading.

After the Bangladesh heist, SWIFT said the incident was “not a single occurrence, but part of a wider and highly adaptive campaign targeting banks.”

That has elevated the alarm levels in the world’s leading finance ministers and central bank chiefs.

“The challenge with cyber security is that the threat vectors can be difficult to discern and are constantly morphing in search of financial sector vulnerabilities,” said Raskin.

That issue was underscored Tuesday when computer security group Symantec issued a warning over a new malware threat to financial organizations called “Odinaff“.

Odinaff has been deployed widely around the world since January 2016 in attacks that “appear to be extremely focused on organizations operating in the banking, securities, trading, and payroll sectors,” it said.

Symantec said the Odinaff attackers make use of some of the infrastructure used by some earlier attacks tapping the SWIFT network known as Carbanak. Yet another group, known as Lazarus, is believed behind the Bangladesh threat.

“These attacks require a large amount of hands on involvement” with “a heavy investment in the coordination, development, deployment, and operation” of the tools used to break into the targets’ systems, Symantec said.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.