Hackers show US tracking transfers
HACKERS released documents and files on Friday that cybersecurity experts said indicated the US National Security Agency had accessed the Swift interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.
The release included computer code that could be adapted by criminals to break into Swift servers and monitor messaging activity, said Shane Shook, a cyber-security consultant who has helped banks investigate breaches.
The documents and files were released by a group calling themselves The Shadow Brokers. Some of the records bear NSA seals.
Under attack The NSA could not immediately be reached for comment.
Also published were many programs for attacking various versions of the Windows operating system, at least some of which still worked, researchers said.
Microsoft, the maker of Windows, said it had not been warned by any part of the US government that such files existed or had been stolen.
Shook said criminal hackers could use the information released on Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank.
“The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” he said.
The Swift messaging system is used by banks to transfer trillions of dollars each day. Belgium-based Swift downplayed the risk of attacks employing the code released by hackers on Friday.
Swift said it regularly released security updates and instructed client banks on how to handle known threats.
“We mandate that all customers apply the security updates within specified times,” Swift said. It said it had no evidence that the main Swift network had been accessed without authorisation.
It was possible that the local messaging systems of some Swift client banks had been breached, Swift said.
Hackers could use it to hack into banks and steal money in operations like the Bangladesh heist.
When cyber-thieves robbed the Bangladesh Bank last year, they compromised that bank’s local Swift network to order money transfers from its account at the New York Federal Reserve.
“If you hack the service bureau, it means you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.