SEC chair says hackers are the biggest threat to financial system

Hackers recently stole $81 million cyber-theft by targeting SWIFT, the global financial transfer network. But the NSA targeted the system some years prior, setting a dangerous precedent.
Written by Zack Whittaker, Contributor

Hackers pose the greatest risk to the global financial systems, a leading government official has said.

(Image: Garrett Ewald/SWIFT)

Mary Jo White, chair of the Securities and Exchange Commission (SEC) told reporters Tuesday in what Reuters called "one of the frankest assessments yet" of the threat to Wall Street from online adversaries.

White said, according to the news agency: "What we found, as a general matter so far, is a lot of preparedness, a lot of awareness but also their policies and procedures are not tailored to their particular risks."

"We can't do enough in this sector," she added.

It comes not long after a cyber-heist that let hackers steal $81 million from the Bangladeshi central bank through the global SWIFT transfer system, which helps banks transfer payments across borders.

SWIFT is a high target for malicious actors and digital adversaries -- not least because it's reportedly an easy target. An incident investigator said that the bank has no firewall, and used second-hand switches to connect computer systems to SWIFT.

It's not the first time SWIFT has been in the crosshairs of hackers.

The NSA's own Tailored Access Operations (TAO), the government's in-house hacking unit, was caught spying on international payments. But that likely isn't all they did. As pointed out by national security writer Marcy Wheeler, the Obama administration's own review group said that governments "should not use their offensive cyber capabilities to change the amounts held in financial accounts or otherwise manipulate the financial systems."

Given the stress surrounding the hacks and the likely holes in the global financial transfer system, several US banks are reportedly scrutinizing the security of the system.

Editorial standards