The global banking system is (still) under attack.
SWIFT, the messaging network that connects the world's banks, says it has identified new hacks targeting its members, and it is warning them to beef up security in the face of "ongoing attacks." It did not name the banks affected.
The warning follows cyberattacks on banks in Bangladesh, Vietnam, the Philippines and Ecuador in which malware was used to circumvent local security systems, and in some cases, steal money.
An attack on Bangladesh's central bank yielded $101 million. Ecuador's Banco del Austro was hit for $12 million.
The message from SWIFT, which was first reported by Reuters, urges banks to protect themselves against the "persistent, adaptive and sophisticated" attacks, which use a similar method to crack their local security systems.
"These weaknesses have been identified and exploited by the attackers, enabling them to compromise the customers' local environments and input the fraudulent messages," SWIFT said.
SWIFT did not say how many new attacks had been discovered. The company says that its network and core messaging services have not been compromised by the attacks.
In each documented case, the criminals followed the same basic pattern:
- Attackers used malware to circumvent a bank's local security systems.
- They gained access to the SWIFT messaging network.
- Fraudulent messages were sent via SWIFT to initiate cash transfers from accounts at larger banks.
Related: Casinos, money laundering and wire transfers: Inside a global bank heist
SWIFT CEO Gottfried Leibbrandt warned in May that more attacks could have occurred.
"The Bangladesh fraud is not an isolated incident: we are aware of at least two, but possibly more, other cases where fraudsters used the same modus operandi, albeit without the spectacular amounts," he said.
Related: Two hours and 1,600 fake credit cards later: $13 million is gone
Leibbrandt said the method of attack is much more serious than a typical data breach or theft of customer information. Instead, the loss of control over payment channels could bring down a bank.
"In the recent cases, thieves were able to move just some of those banks' overseas assets," he said. "As a result, for the banks concerned, the events haven't been existential. The point is that they could have been."
SWIFT is taking extra measures to secure client banks, including sharing more information, supporting security audits and introducing tougher requirements for local bank computer networks.
Cybersecurity researchers have suggested that a hacking team known as "Lazarus" is responsible for the attacks. In May, U.S. law enforcement officials told CNNMoney that the attackers may be linked to North Korea.