Criminals Abused SWIFT to Steal $6M from Central Bank of Russia

Posted on February 16, 2018
Riviera Beach Pays Nearly $600K to Recover Data after Ransomware Attack
Unknown criminals abused the SWIFT network to steal 339.5 million rubles ($6 million) from the Central Bank of Russia in 2017. The bank's Financial Sector Computer Emergency Response Team (FinCERT) revealed the attack in its report on illegal transactions that occurred in 2017. As quoted by Sputnik International:
Bank of Russia has been informed about one successful attack on the workstation of a SWIFT system operator. The illegal operations that resulted from this attack amounted to 339.5 million rubles.
A spokesperson for the Central Bank of Russia explained that criminals accessed a computer at one of the bank's branches and abused SWIFT to transfer money to accounts under their control. According to Reuters, the bank representative declined to identify the affected branch, but they did quote Artem Sychev, deputy head of the central bank’s security department, in saying the attack was "a common scheme."
2cb79f7a89b3a21c027fc40560864c15.jpg
The Russian Central Bank (Source: CoinDesk) It's hard to dispute Sychev's claim. The past few years have seen numerous heists in which bad actors exploited SWIFT for wire transfer fraud. In December of 2017, criminals attempted to steal 55 million rubles ($940,000) from Russian state bank Globex by abusing the system. More than a year earlier, criminals used SWIFT to make off with $81 million from the Bangladesh Bank. Short for the Society for Worldwide Interbank Financial Telecommunication, SWIFT is a provider of secure messaging services for financial organizations. It allows banks and other associations to securely communicate with one another for the purpose of authorizing money transfers. Natasha de Teran, a spokesperson for the messaging service, said the company doesn't comment on specific entities and "offer[s]... assistance to the affected user to help secure its environment" in the event of potential fraud. It also has not identified the number of victim organizations from which criminals have stolen money. SWIFT maintains that malefactors haven't compromised its systems to defraud companies. It recommends that organizations adhere to its Customer Security Program (CSP) to better defend their environments against digital threats like malware.
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!