Did the NSA spy on Middle East banks using the SWIFT network?
New release from hacker group suggests U.S. compromised elements of global banking system
Banks are under cyber attack from every side, including, if you believe the latest claim from the Shadow Brokers hacking group, the National Security Agency.
In the case of the NSA, the latest data dump from the Shadow Brokers suggests the NSA’s motive was to surveil banking activity in the Middle East, not steal money, but any breach of security of the global messaging system could have significant consequences.
Wired has an in-depth article on the revelation. From the article:
Friday morning, the Shadow Brokers published documents that—if legitimate—show just how thoroughly US intelligence has compromised elements of the global banking system. The new leak includes evidence that the NSA hacked into EastNets, a Dubai-based firm that oversees payments in the global SWIFT transaction system for dozens of client banks and other firms, particularly in the Middle East. The leak includes detailed lists of hacked or potentially targeted computers, including those belonging to firms in Qatar, Dubai, Abu Dhabi, Syria, Yemen, and the Palestinian territories.
SWIFT is an international messaging network used by 10,000 banks in 212 countries to send information about financial transactions, including money transfers.
Hackers compromised the system in March 2016 — stealing the computer credentials of a SWIFT operator in Bangladesh —to send messages to the Federal Reserve Bank of New York that resulted in the theft of $81 million from the Bangladesh central bank.
Then SWIFT warned banks in an October 2016 letter, reported by Reuters here, about continued cyber attacks on the system, which have gotten even more sophisticated.
The attacks and new hacking tactics underscore the continuing vulnerability of the SWIFT messaging network, which handles trillions of dollars in fund transfers daily.
"The threat is very persistent, adaptive and sophisticated – and it is here to stay," SWIFT said in the November letter to client banks, seen by Reuters.
Now it seems that the NSA gained access to SWIFT customer accounts through one of SWIFT's service bureaus to monitor money flow in the Middle East, although EastNets has denied the claim. The From the Wired article:
“This is the equivalent of hacking all the banks in the region without having to hack them individually,” says Suiche, founder of UAE-based incident response and forensics startup Comae Technologies. “You have access to all their transactions.”