Top senator probes SWIFT data breachReprints
(Reuters) — The Senate Homeland Security Committee's top Democrat sought information Thursday from global financial network SWIFT and the Federal Reserve Bank of New York on steps being taken to bolster cyber security in the wake of the theft of $81 million from the central bank of Bangladesh.
Senator Tom Carper of Delaware requested that both answer questions and brief his staff by June 17 on how they were handling issues following the February heist, during which hackers wired money out of an account at the New York Fed held by Bank Bangladesh, as well as how they were safeguarding against other potential cyber threats.
"These cyber attacks raise important questions about the security of the SWIFT system and the ability of its members to prevent future attacks," Carper wrote in his letters.
The inquiry comes as policymakers, regulators and financial institutions around the world increase scrutiny into the heist at Bank Bangladesh and a separate attempt to use fraudulent SWIFT messages to steal from a commercial bank in Vietnam.
The Association of Banks in Singapore told Reuters it had invited SWIFT for a meeting in June to discuss the latest cyber attacks. The Bank of England last month ordered British banks to provide documentation on SWIFT security measures.
In his letters, Carper said there appeared to be no evidence the Federal Reserve systems were penetrated or compromised in the Bangladesh attack. The New York Federal Reserve has denied responsibility for the intrusion, which some security researchers have said was due to a flaw in the SWIFT bank messaging network.
The identity of the Bangladesh hackers remains unknown.
Brussels-based SWIFT is a cooperative owned by some 3,000 global financial institutions.
A representative for SWIFT could not immediately be reached for comment. The New York Fed plans to respond, a representative said.
Carper asked SWIFT how it shares information about cyber security threats against member banks, whether there were consequences for members who did not follow security standards and if it plans to revise its cyber security policies in response to the Bangladesh attacks, among other questions.
He requested similar information from the Federal Reserve, including steps it has taken to coordinate with SWIFT, Bangladesh Bank, the Department of Homeland Security and Department of Treasury since the heist.
Major U.S. banks are scrutinizing security of the SWIFT messaging network following the cyber attacks, according to media reports.