Just one year after the SWIFT international bank transfer system enhanced its cyber security, another breach has emerged: an Indian bank has confirmed that criminals gained access to its systems and made transfers totaling US$1.8 million.
City Union Bank whit base on Kumbakonam issued a statement on Sunday February 18, in it, the bank says it suffered an attack by international hackers and there is no evidence of internal staff involvement.
According to the statement, the transactions took place on or before February 7, when its reconciliation processes identified the three fraudulent transactions.
A transfer of $500,000 through Standard Chartered to a Dubai bank was blocked at the source. But seems to be that SWIFT`s soft detectors worked for the transfer to Dubai. But a second made it to a Turkish bank and $1m is still missing after being transferred through a Bank of America account to a Chinese destination and withdrawn by an unknown beneficiary.
The Indian consulate in Istanbul is assisting with efforts to recover funds from the Turkish transfer.
SWIFT launched a scanning service designed to spot fraudulent transactions in April 2017, as part of its response to the 2016 incident that saw a data security violation at Bangladesh Bank, which let the attackers break into the international funds transfer system. On that occasion, $81 million was transferred. The attackers tried to steal over $1bn, but were thwarted by a typo in one of their attempted transfers.
SWIFT later warned banks to tighten their security. But it remained a target, and in October 2017, a Taiwanese bank had $60 million attack. Those funds were recovered, and the attackers arrested.
It’s not yet reveled how criminals exploited the Bank’s previous security regime, so it is unknown if SWIFT or Union Bank is the source of the problem.