Latest topics
Swift Moves to Harden Customers’ Security
Page 1 of 1
Swift Moves to Harden Customers’ Security
Swift Moves to Harden Customers’ Security
Swift Chief Executive Gottfried Leibbrandt Photo: Jason Alden/Bloomberg News
By
Katy Burne
May 23, 2016 7:02 p.m. ET
The global money-transfer network Swift is setting up a program to guide security audits of its customers, part of an effort to plug gaps shown by a spate of attacks by cyberthieves.
Gottfried Leibbrandt, chief executive of the Society for Worldwide Interbank Financial Telecommunication, said audits will be part of a new set of standards for how customers should protect their systems and software.
A spokeswoman said audits likely would be conducted by independent third parties based on a framework to be set up by Swift.
It wasn’t clear whether they would be mandatory. Regulators or counterparties could require the audits, the spokeswoman said.
Mr. Leibbrandt’s comments appear in the prepared text of a speech to be delivered at a conference Tuesday in Brussels. They follow thefts in which hackers made use of fraudulently obtained Swift codes to steal $81 million from Bangladesh’s central bank and to order payments from commercial banks in Vietnam and Ecuador.
The Wall Street Journal last week reported the Ecuador attack from 2015. Swift said at the time it hadn’t been made aware of the breach. It is now reminding banks of the need to report such incidents and prevent them.
Meanwhile, Congresswoman Carolyn B. Maloney (D., N.Y.) on Monday asked the Federal Reserve, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corp. about what actions they had taken, or planned to take, to ensure that banking members of Swift had adequate cyber controls and were complying with system requirements.
The attacks raise a question that is increasingly relevant as critical functions are integrated into bigger networks: Does responsibility for security lie with the network operator or with its users? Computer-security experts increasingly say the answer is both, a conclusion that can require new thinking among network operators like Swift, which have said they aren’t liable for customer breaches but have an implied duty to protect the integrity of their entire networks.
The member-owned cooperative has repeatedly said its core messaging platform wasn’t compromised in the intrusions.
The breaches could raise uncertainty about Swift’s ability to guarantee the authenticity of its message traffic. Swift’s new program focuses on its customer systems, the part of the network long known to be a weak spot.
In his prepared remarks, Mr. Leibbrandt said Swift was “stepping up to the plate” and would do more to enhance its security, but said it wouldn’t work without banks and supervisors doing their part to make their systems less susceptible to attacks.
The steps include “drastically” improving the way customers share problems about their systems.
Swift also will develop tools for banks to use to spot anomalies in payments patterns, and new certification requirements for outside services such as consultants and software providers.
Mr. Leibbrandt reiterated that customers are responsible for their own systems and when thieves manage to steal their access codes, Swift “cannot assume responsibility for that.”
He called on the whole Swift community to do more, from Swift through to “third party suppliers, policy makers, regulators and our users, big and small. And particularly the large clearing banks.”
It remains to be seen whether customers will be more forthcoming and what mechanisms Swift could use to enforce existing guidelines that say customers must inform it of any breaches.
http://www.wsj.com/articles/swift-moves-to-harden-customers-security-1464044546
The global money-transfer network is setting up a program to guide security audits of its customers
Swift Chief Executive Gottfried Leibbrandt Photo: Jason Alden/Bloomberg News
By
Katy Burne
May 23, 2016 7:02 p.m. ET
The global money-transfer network Swift is setting up a program to guide security audits of its customers, part of an effort to plug gaps shown by a spate of attacks by cyberthieves.
Gottfried Leibbrandt, chief executive of the Society for Worldwide Interbank Financial Telecommunication, said audits will be part of a new set of standards for how customers should protect their systems and software.
A spokeswoman said audits likely would be conducted by independent third parties based on a framework to be set up by Swift.
It wasn’t clear whether they would be mandatory. Regulators or counterparties could require the audits, the spokeswoman said.
Mr. Leibbrandt’s comments appear in the prepared text of a speech to be delivered at a conference Tuesday in Brussels. They follow thefts in which hackers made use of fraudulently obtained Swift codes to steal $81 million from Bangladesh’s central bank and to order payments from commercial banks in Vietnam and Ecuador.
The Wall Street Journal last week reported the Ecuador attack from 2015. Swift said at the time it hadn’t been made aware of the breach. It is now reminding banks of the need to report such incidents and prevent them.
Meanwhile, Congresswoman Carolyn B. Maloney (D., N.Y.) on Monday asked the Federal Reserve, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corp. about what actions they had taken, or planned to take, to ensure that banking members of Swift had adequate cyber controls and were complying with system requirements.
The attacks raise a question that is increasingly relevant as critical functions are integrated into bigger networks: Does responsibility for security lie with the network operator or with its users? Computer-security experts increasingly say the answer is both, a conclusion that can require new thinking among network operators like Swift, which have said they aren’t liable for customer breaches but have an implied duty to protect the integrity of their entire networks.
The member-owned cooperative has repeatedly said its core messaging platform wasn’t compromised in the intrusions.
The breaches could raise uncertainty about Swift’s ability to guarantee the authenticity of its message traffic. Swift’s new program focuses on its customer systems, the part of the network long known to be a weak spot.
In his prepared remarks, Mr. Leibbrandt said Swift was “stepping up to the plate” and would do more to enhance its security, but said it wouldn’t work without banks and supervisors doing their part to make their systems less susceptible to attacks.
The steps include “drastically” improving the way customers share problems about their systems.
Swift also will develop tools for banks to use to spot anomalies in payments patterns, and new certification requirements for outside services such as consultants and software providers.
Mr. Leibbrandt reiterated that customers are responsible for their own systems and when thieves manage to steal their access codes, Swift “cannot assume responsibility for that.”
He called on the whole Swift community to do more, from Swift through to “third party suppliers, policy makers, regulators and our users, big and small. And particularly the large clearing banks.”
It remains to be seen whether customers will be more forthcoming and what mechanisms Swift could use to enforce existing guidelines that say customers must inform it of any breaches.
http://www.wsj.com/articles/swift-moves-to-harden-customers-security-1464044546
*****************
>>>TNTBS's YouTube Channel<<<
RamblerNash- GURU HUNTER
- Posts : 24270
Join date : 2015-02-19
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
Today at 11:16 am by kenlej
» Phony Tony sez: Full Steam Ahead!
Sat Apr 13, 2024 11:51 am by Mission1st
» Dave Schmidt - Zim Notes for Purchase (NOT PHYSICAL NOTES)
Sat Apr 13, 2024 11:45 am by Mission1st
» Russia aren't taking any prisoners
Fri Apr 05, 2024 6:48 pm by kenlej
» Deadly stampede could affect Iraq’s World Cup hopes 1/19/23
Wed Mar 27, 2024 6:02 am by Ditartyn
» ZIGPLACE
Wed Mar 20, 2024 6:29 am by Zig
» CBD Vape Cartridges
Thu Mar 07, 2024 2:10 pm by Arendac
» Classic Tony is back
Tue Mar 05, 2024 2:53 pm by Mission1st
» THE MUSINGS OF A MADMAN
Mon Mar 04, 2024 11:40 am by Arendac
» Minister of Transport: We do not have authority over any airport in Iraq
Mon Mar 04, 2024 11:40 am by Verina
» Did Okie Die?
Mon Mar 04, 2024 11:34 am by Arendac
» Hello all, I’m new
Wed Jan 31, 2024 8:46 pm by Jonny_5
» The Renfrows: Prophets for Profits, Happy Anniversary!
Wed Jan 31, 2024 6:46 pm by Mission1st
» What Happens when Cancer is treated with Cannabis? VIDEO
Wed Jan 31, 2024 8:58 am by MadisonParrish
» An Awesome talk between Tucker and Russell Brand
Wed Jan 31, 2024 12:16 am by kenlej
» Trafficking in children
Mon Jan 29, 2024 7:43 pm by kenlej
» The second American Revolution has begun, God Bless Texas
Mon Jan 29, 2024 6:13 pm by kenlej
» The Global Currency Reset Evolution Event Will Begin With Gold, Zimbabwe ZWR Old Bank Notes
Sun Jan 28, 2024 3:28 pm by Mission1st
» Tucker talking Canada
Wed Jan 24, 2024 6:50 pm by kenlej
» Almost to the end The goodguys are winning
Mon Jan 22, 2024 9:03 pm by kenlej