…to start locking banks out of SWIFT (no, I don’t mean as a matter of National Policy).
A little-noticed lawsuit details a hacking attack similar to one that stole $81 million from Bangladesh’s central bank, saying cybercriminals stole about $9 million last year from a bank in Ecuador. The case suggests global bankers haven’t been sharing critical information to prevent such heists.
And
A third attack, from December 2015 at a commercial bank in Vietnam, was detailed last week….
The banks aren’t telling SWIFT about these attacks, either.
A spokeswoman for Swift said Thursday that the network was never told of the earlier hack. “We need to be informed by customers of such frauds if they relate to our products and services, so that we can inform and support the wider community,” said spokeswoman Natasha de Teran.
Bad security and victim banks didn’t tell SWIFT, despite SWIFT warnings:
We specifically remind all users to respect their obligations to immediately inform Swift of any suspected fraudulent use of their institution’s Swift connectivity or related to Swift products and services…. The security of our global financial community can only be ensured through a collaborative approach. To this end, it is essential that you share critical security information related to Swift with us.