Up to a dozen banks may have been targeted using malware to steal funds using the The Society for Worldwide Interbank Financial Telecommunication (Swift) platform, as one report claims that North Korea may be behind the attacks.

Security firm FireEye, Inc. is said to have been contacted by numerous other banks, including some in New Zealand and the Philippines, who have been targeted, although fortunately security systems detected the attempted transfers and canceled them.

“The emergence of new possible instances of compromise is not entirely surprising given that banks should now be undertaking rigorous reviews of their environments,” Swift said in a statement addressing the report. “Many may turn out to be false positives and or have nothing to do with Swift messages, but it is key that these reviews take place and banks’ environments are secured.”

In a separate report, Symantec, Inc. has suggested that those who attacked the Bangladesh Bank are linked to the hackers that targeted various companies and Government sites in both the United States and South Korea, including that of Sony Pictures Entertainment, Inc. in 2014; of note the Federal Bureau of Investigation (FBI) not only named North Korea as being suspected of that hack, but actually provided evidence to prove that they were.

Symantec believes they are all related due to the fact that the malware found at Bangladesh Bank, Sony, and other targeted companies all appear to share a common code for securely deleting files to cover its tracks. However, according to Bloomberg, experts say the shared code doesn’t necessarily mean the attacks were ordered by the North Korean Government.

Confirmation

The news that more banks had been targeted by the same group that has successfully robbed two banks now (that we know of) isn’t completely new versus confirmation given — Swift said in a statement to customers in April that other banks had been targeted.

Swift itself has implemented new software to address the attacks, and late last week also said it would expand its use of two-factor authentication when banks shift funds, among other initiatives such as improved network sharing, and access to third-party security tools.

While Swift’s commitment to try to address what is turning into a serious crisis of confidence for it should be commended, it may be a case of too little, too late.

photo credit: Voxphoto via photopin cc