Behind the scenes, SWIFT is upping the ante for financial institutions. If you do not upgrade your systems and put robust processes in place you find your institution disconnect from SWIFT. This is effectively a death sentence for a bank.
Wade Mackey
Ioannis S. Haviaras says
This article is very interesting and shows how even with such sensitive data organizations are reluctant to keep their systems up-to-date and secure. This is also present even among everyday consumers who do not update their mobile phones or operating systems which can cause serious security risks allowing hackers to get access to PII. A hacker’s ultimate goal is for monetary so making sure all of your systems are secure, especially in a financial institution is a must.
Jason A Lindsley says
The financial institution that I work for is taking this SWIFT attack very seriously. Although many North American banks do not have the security deficiencies that are described for Bangladesh Bank, nobody wants their dirty laundry aired with the regulators, customers and shareholders (as SWIFT has threatened to do).
Many banks are looking at both their IT general controls (e.g. logical access) and process controls related to SWIFT wire transfers to assess their overall control environment and whether they are susceptible to the attacks that were experienced earlier this year.
I agree that it would be impossible to survive in this industry if you could not use the SWIFT network for transferring funds.
Wade Mackey says
The other thing to keep in mind is that SWIFT is not the only system for moving money. I know some firms are taking the lessons from SWIFT and looking at their other systems to apply the same higher controls.