7. Latest Hacks and Financial Community Response
What is new
Hiding evidence
• Is the only change. Hackers simply crash the server after
submitting messages.
• An average of 72 hours is required to clear the money from the
next correspondent
Hackers Still
• Using phishing emails to compromise bank systems
• Around 250 days monitoring the transaction flow after
penetrating the bank
• Use valid operator credentials to submit fraudulent SWIFT
messages
The Response
• Launch of SWIFT Customer Security Programme
• More frequent patching of the systems
• Mandatory usage of 2FA for bank SWIFT operators
• Systems monitoring with business rules
• Adoption of a threat hunting program to detect attackers
sooner