Cyber criminals have stolen US$10m from a bank in Ukraine by invading its computer system and using the inter-bank transfer system SWIFT to siphon away the money.
The incident is one in a string of several cyber-heists targeting banks worldwide, including the theft of US$81m
from the Bangladesh central bank.
The affected Ukrainian bank tapped the Information Systems Audit and Control Association (ISACA) to investigate the hacking and remedy the damage. According to ISACA, there is evidence of hackers moving millions of dollars into a network of offshore companies using SWIFT.
"At the current moment, dozens of banks (mostly in Ukraine and Russia) have been compromised, from which has been stolen hundreds of millions of dollars," said ISACA in a report by the English-language news outfit Kyiv Post.
IT security specialists at BAE Systems and Symantec have linked the Bangladeshi central bank hacking to the perpetrators of Sony Pictures Entertainment's systems last year. The US government pinned the Sony infiltration on North Korea – so there are suspicions that Pyongyang had a hand in the recent SWIFT-related cyber-thefts.
SWIFT has stressed repeatedly that its network and systems are secure, and that security on the banks’ end is needed to prevent their systems from being compromised. It also considers suspending banks with sub-par cyber security until they make the necessary improvements.
Cyber firms: Bangladesh hackers have attacked SEA banks
Central banks of Indonesia and South Korea targeted by cyber attacks
Zurich unveils cyberattack response solution