You may also be interested in:


SWIFT Service Bureau Targeted in 1.3MM Bank Hack Attempt

  • By Andrew Deichler
  • Published: 5/16/2016
COMM-16-swift2-PgHdr.jpgThe latest twist in the unfolding SWIFT hacking scandal may hit even closer to home for corporate treasurers, as a SWIFT Service Bureau was the method of choice in a bank hack attempt worth more than $1.3 million.

Defense contractor BAE Systems, which first reported that SWIFT software had been compromised in the Bangladesh Bank hack, said Friday that fraudsters targeted a Vietnamese bank in the second attack. Although the bank was not named, Vietnam’s Tien Phong Bank (TPBank) told Reuters on Sunday that a third-party service it used to connect to SWIFT was attacked by hackers late last year.

TPBank said it identified a suspicious transaction worth more than $1.3 million, transferred by invalid SWIFT messages that the bank did not execute itself. Fortunately, the attack did not cause any actual losses and “had no impact on the SWIFT system in particular and the transaction system between the bank and customers in general,” the bank said.

TPBank added that the servers of the third-party vendor were based overseas. It has since stopped using the vendor on SWIFT's advice.

This latest development should serve as a cautionary tale to corporate treasurers. Any corporates who connect to the network through a SWIFT Service Bureau (SSB) should do their due diligence and make sure that the vendor’s security is up-to-date. "As a chain is only as strong as its weakest link it is important to ensure all parties a corporate uses for transfers are secure," said Magnus Carlsson, Manager, Treasury & Payments for AFP.

Fortunately for SWIFT, at least some corporates that use the network are not blaming the cooperative for this recent string of attacks. A treasurer who wished to remain anonymous told AFP that he is confident the SWIFT network wasn’t breached and added that it is not SWIFT’s responsibility to oversee financial institutions’ secondary controls within their respective firewalls.

AFP has prepared a list of five steps treasury can take to protect its organization.
Navigate Revenue Uncertainty

Don’t let revenue uncertainty affect your business. AFP’s Top-Line Modeling workshop will teach you how to navigate seasonality and how to create an effective revenue model.

Register for this valuable pre-conference workshop today.

Copyright © 2019 Association for Financial Professionals, Inc.
All rights reserved.