37 C
Sunday, April 21, 2024


Three years after hackers managed to siphon off close to US$1 billion from the Federal Reserve Bank of New York account belonging to Bangladesh Bank, criminals are now vying for smaller amounts in an attempt to avoid detection.

A report by Bloomberg said that the amount of money stolen in 2018 averaged between $250,000 and $2 million, which is down from amounts in the tens of millions, according to a report by interbank messaging service SWIFT.

Almost all fraudulent transactions — 83 percent — were sent to banks in the Asia-Pacific region, while the targeted lenders were mostly located in countries rated highly corrupt by international regulators like Tajikistan, Mozambique and Afghanistan, SWIFT said.

‘The higher the value of the instruction, the higher the risk of triggering fraud-detection systems,’ SWIFT said in the study.

‘Since the cyber incident in Bangladesh, the amounts sent in individual fraudulent transactions have evolved, making them harder to detect.’

SWIFT has upwards of 11,000 global members, and created a set of measures for protection after a swath of electronic heists in 2016, many of which targeted the central bank of Bangladesh. SWIFT has also provided banks with technology to notice abnormalities in wire transfers.

In addition to the lower amounts that cyber criminals are trying to steal, they’ve also been sending the orders during daytime hours in an attempt to blend in with normal daily traffic.

Before, criminals would send the orders on holidays or after banking hours in the hopes of avoiding detection.

SWIFT’s information sharing initiative has contributed to significant improvements in the community’s collective cyber defenses as well as the introduction of fraud detection and prevention capabilities, such as the Payment Controls Service and the Daily Validation Report tool.

These products are aimed at mitigating the risks associated with cyber fraud, and are designed to supplement the fraud controls that financial institutions should already have in place.

According to the SWIFT report, the industry should continuously increase the strength and diversity of its defenses and ensure it understands the nature of the changing threat.

This means being proactive in limiting criminal opportunities linked to systems and business practices, it means ensuring proper preparedness and understanding counterparty cyber risk.

Related Articles


Cloud Computing Security Issues, Threats and Controls

Cloud Computing and service models  The official NIST definition (NIST 800-145) of cloud computing says, “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand...
API and Open Banking

API and Open Banking: Way for New Service Innovation for Banks and FinTech Companies

The people who gathered at a hall room of a city hotel in last month had one thing in common—they all are working in...
ISO 2001

ISO 27002: 2022 Implementation vs Reality

After almost a decade, ISO27001: 2013 is going to publish its new iteration of ISO27001:2022 in second (2nd) Quarter this year1. But prior to...
Deepfakes: The Synthetic Media I want to believe

Deepfakes: The Synthetic Media I want to believe

What Are Deepfakes? A deepfake is a sort of "synthetic media," which refers to material (such as images, audio, and video) that has been modified...
The power of API platforms

The power of API platforms brings the open banking promise into sharper focus

Open banking is a global phenomenon whose merits are felt in virtually every time zone, including those in the Asia-Pacific region. In contrast to...
Blockchains Gaming and Collusion

“Blockchains: Gaming and Collusion- A Reading in Political Economy”:  Futuristic Exploration with Fact-based Analysis

In this digital age, it has become quite common for us to constantly remain mesmerized by fascinating technologies.  However, deeper thoughts about those technologies,...