March 20, 2022
Over two weeks ago, the European Union decided to ban seven Russian financial institutions from the Society for Worldwide Interbank Financial Telecommunications (SWIFT) messaging system. SWIFT the world’s leading financial messaging system that allows for secure and reliable banking transactions between institutions globally.
The SWIFT network is critical to global banking. Over 11,000 financial institutions use the system for global banking. Any threat to the network could affect these banks’ ability to send trillions of dollars in international transactions daily.
On March 12, SWIFT disconnected the seven Russian banks from its network marking this as one of the most drastic and powerful tools used as sanctions against Russia.Now, banking executives are concerned about Russian cyber attacks against the SWIFT system in retaliation for their network cutoff.
According to the Financial Times, several senior cyber security executives at major banks suggested the threats to SWIFT will grow if more Russian lenders are banned from the system.
They also expressed concern that SWIFT will become a much more desirable target rather than individual banks as the network connects a significant portion of the global financial system.
“Banks seem to be comfortable with their own cyber security levels, but a hit to Swift would be very detrimental to the whole banking system.” said a financial regulator to the Financial times.“During warfare, it’s the most effective place to hit — it’s the nucleus of the global banking system, the node that connects everything,” said one senior bank executive.
“We model for cyber attacks on institutions like the Fed, but we think a hit on Swift is more likely in retaliation for Russian banks being kicked off it,” he added. “That would have huge consequences for the global banking network.”
So far, the majority of Russia’s cyber attacks have been focused on Ukraine infrastructure and government, however banks are remaining diligent.
If an attack were to happen, this wouldn't be the first strike on SWIFT. In 2016, vulnerabilities in some SWIFT banks allowed hackers to use malware to pose as other banks on the system, requesting funds from the Bangladesh Central bank. The hackers stole $81M in what is considered one of the largest bank heists in history.
Since the heist, SWIFT has imposed stricter mandatory controls for banks and significantly improved its monitoring system including a program to aid bank members to improve their cyber security.
PYMNTS recently reported a number of American banks had experienced an increased amount of cyber attacks following Russia’s invasion of Ukraine. These banks include J.P. Morgan, Citigroup, BOFA, and Goldman Sachs.
These banks have spent billions of dollars every year to prevent cyber attacks. The executives from the PYMNTS report suggest that, in light of the sanctions on Russia, these recent attacks have been intensified and focused on banks’ technological infrastructure.