On Friday December 15, hackers broke into computer systems of Globexbank, owned by VEB, and withdrew from it an amount equivalent to $1 million through the international payment system SWIFT. Vedomosti reports this with reference to the bank’s counterparties and a source in VEB.
Head of Globexbank Valery Ovsyannikov confirmed the information about the cyberattack. He added that at the same time, the funds of the bank’s clients were not affected.
Sources responsible for security of payments note that this is probably not the first time when SWIFT system is used for hacking a bank. The corporation, in turn, says that it gives great attention to cyber security, and until now there has been no confirmation of anyone’s unauthorized access to the system.
According to Cisco security consultant Alexey Lukatsky, in this case it is not about hacking SWIFT. It was used to withdraw money directly abroad by hacking into a banking network from which payments can be transferred. Previously, hackers often hacked the remote client’s workplace of the Bank of Russia, through which banks exchange messages with the Central Bank (CB). This system does not allow withdrawing funds abroad. In addition, the Central Bank issued an instruction to protect the remote workplace, and the banks learned to quickly monitor such attacks and freeze money before the scammers managed to withdraw them. In this regard, hackers have lost interest in the workstation.
Kommersant reports that shortly before the attack, the bank passed the CB audit, and the regulator presented “certain claims” on the level of information security. However, it is not established whether they were fulfilled.
Theft of funds through SWIFT is quite a common practice worldwide. So, in February 2016, hackers stole about $80 million from the correspondent accounts of the Central Bank of Bangladesh in the Federal Reserve Bank of New York.
The managing partner of RosSWIFT, Maxim Zimonov, noted that Russia is the only country in the world where interaction with the SWIFT system goes through the intermediary company Alliance Factors. The company has access to all confidential user information, including IP addresses. Previously, SWIFT promised to eliminate the intermediary from relations with Russian banks, but the date of the company’s refusal to provide services was repeatedly postponed. At the moment it is about the end of 2018.
According to the rating of Interfax upon the results of the third quarter of 2017, Globexbank held 54th place in Russia in terms of assets. Their value is 116.6 billion rubles ($1.9bn). During the same period, the bank earned 766.6 million rubles ($13bn). At the end of the first quarter of 2018, the bank will be transferred to the Federal Property Management Agency.