Everyday is lazarus.dayβ

SWIFT Attacks Require Swift Investigations

2017-01-06, Checkpoint


Gadi Naveh, Advanced Threat Prevention Evangelist and Tamara Leiderfarb, SandBlast Agent Technology Leader.

SWIFT, the global financial messaging system, issued an alert message regarding new customer’s compromised environments by sophisticated adaptive attackers in an attempt to send fraudulent payment instructions. This resulted in February this year, when a successful attack of over $1 billion transactions were made from Bangladesh’s central bank resulted in $81 million in unrecoverable losses. This added to several other SWIFT heists disclosed and suspected.

Some research suggests that these attacks connect them to previous high yielding actors such as the Carabanak banking fraud team and the Sony hackers. In such a persistent and targeted attack where the victim is well-selected for security weaknesses and high potential gains, the attackers spent a lot of effort examining the victim to penetrating their premises and keeping a stealth hold inside the bank. For a hacker, much importance was given to …