Reuters/Carlo Allegri/Illustration/File Photo
SWIFT’s payment network was not hacked in the $81 million heist on the Bangladesh central bank earlier this year, SWIFT’s chief executive said on Thursday, adding it was unlikely to be the last such attack on a bank.
Gottfried Leibbrandt said SWIFT’s network, used by firms and institutions across the world to exchange information about financial transactions, had not been violated during the cyber attack, in which funds were stolen from a Bangladesh central bank account at the New York Fed in February.
Security researchers at British defense contractor BAE Systems said last month the hackers had manipulated SWIFT’s Alliance Access server software, which banks use to interface with SWIFT’s messaging platform, in a bid to cover up the fraudulent transfers they had ordered.
“At the end of the day we weren’t breached, it was from our perspective a customer fraud,” Leibbrandt said at a financial conference in Frankfurt.
“I don’t think it was the first, I don’t think it will be the last.”
The SWIFT messaging network is used by commercial and central banks including the Fed and the ECB.
SWIFT, a cooperative owned by 3,000 financial institutions, has rejected allegations by officials in Bangladesh that its technicians made the Asian country’s central bank more vulnerable to hacking before the heist, one of the biggest ever cyber swindles.
Bangladeshi police and a central bank official told Reuters the SWIFT technicians introduced security loopholes when connecting the messaging network to Bangladesh’s first real-time gross settlement (RTGS) system.
Reuters has not been able to independently verify the allegations.
In a letter to users dated May 3, SWIFT told its bank customers that they were responsible for securing computers used to send messages over its network.
Representatives from SWIFT, the Federal Reserve Bank of New York and the Bangladesh Bank met in Basel on Tuesday and promised to cooperate to recover the stolen funds, following weeks of accusations over who is to blame.
(Reporting by Francesco Canepa; editing by Andrew Roche)