The Information Systems Audit and Control Association (ISACA) announced on Monday that an unnamed bank in Ukraine lost $10 million after intruders penetrated its network and used the SWIFT system to transfer money out of its accounts.
ISACA’s Kiev branch says the attack took place over several months. The hackers first breached the bank’s network, collected information about its internal infrastructure, and then launched their attack.
Ukraine bank hackers also used SWIFT transactions system
The attack targeted SWIFT, a system that allows banks to carry out transactions between one another using accounts issued to each institution. The SWIFT system was at the core of multiple cyber-heists in the past year.
While not in chronological order, the first cyber-heist that drew the world’s attention occurred when hackers tried to siphon off $1 billion from the central bank of Bangladesh’s account at the US Federal Reserve Bank in New York.
The attackers used the bank’s official SWIFT credentials to carry out illegal transactions and managed to steal $81 million before being detected because one of them had a typo in one of the money transfers that alerted bank employees.
At the center of this incident was malware specifically designed to target the SWIFT system and banks that didn’t properly implement security protections to safeguard their inter-banking transactions system.
Banks in five countries affected by SWIFT-based cyber-heists
Later it was also discovered that similar attacks took place before and after the media-hyped Bangladesh incident. Crooks also targeted banks in Ecuador, Vietnam, the Philippines, and New Zealand.
Only the Bangladesh central bank and Ecuador’s Banco del Austro acknowledged the incidents.
It is unknown if behind these attacks is one or multiple groups, but some evidence has surfaced linking a North Korean-based cyber-espionage group to these attacks.