In a notice sent to its clients, the Society for Worldwide Interbank Financial Telecommunication (SWIFT) revealed that new attempts have been made to steal funds from banks and that, despite new security measures being put in place, some of the cyberattacks have been at least partially successful.
"Customers' environments have been compromised, and subsequent attempts [were] made to send fraudulent payment instructions," said the letter seen by Reuters. "The threat is persistent, adaptive and sophisticated -- and it is here to stay."
While SWIFT indicated that some banks have had money stolen as a result of these new attacks, it hasn't disclosed which institutions have been affected, how much has been lost, or how many of the latest hacking attempts have succeeded. However, the group said that various methods were used for accessing SWIFT in efforts to send fraudulent payment instructions.
What the SWIFT notice does reveal is how all of the new victims -- which vary in size and location -- do share one thing in common: all had flaws in their local security that hackers were able to use to compromise networks and send fraudulent messages requesting money transfers.
In the case of February's Bangladeshi bank incident, hackers were ultimately able to take advantage of its almost non-existent security, with no firewalls and the cheap, secondhand networking gear used to connect to SWIFT, in order to infiltrate the bank's systems and make off with millions.
SWIFT is providing tighter guidelines that auditors and regulators can use to assess whether banks' SWIFT security procedures are good enough to use the system.
The organisation has also warned banks that it might report them to regulators if they don't meet the November deadline for installing the latest version of its software, which contains features designed to prevent the known attacks.
"In a communication to all users, SWIFT has informed its customers about the tangible results already delivered by the Customer Security Programme, urged customers to take appropriate measures and warned on ongoing attacks on customer firms," a SWIFT spokesperson said.
"The letter reassures SWIFT customers that the cooperative has no indication that the SWIFT network and core messaging services have been compromised and sets out the progress SWIFT has made with its Customer Security Programme."