U.S. regulators on Tuesday told banks to review cyber-security protections against fraudulent money transfers in the wake of revelations that a hacking group used such messages to steal $81 million from the Bangladesh central bank.
The notice from the Fed and other financial regulators came two weeks after the U.S. Federal Bureau of Investigation privately urged banks to look for signs of possible cyber attacks. That report asked them to hunt for technical clues that they have been targeted by the same group.
The warnings suggest that U.S. government and law enforcement agencies are concerned that recent attacks on banks in emerging-market economies could lead to losses for big U.S. firms that rely on the so-called SWIFT fund-transfer network, which serves as the backbone of international finance.
Concerns about cyber threats to banks have grown since Bangladesh Bank disclosed its heist in March. Similar cases later came to light including an earlier $12 million theft from Banco del Austro in Ecuador, an attack on Vietnam’s Tien Phong Bank and one on an unidentified victim in the Philippines.
Dan Guido, a former member of the security team for the U.S. Federal Reserve System, said he expects the hacker group will launch more attacks.
“There is a hacker group out there that is polished and practiced. They know when they target a bank, they get in and get out and the attack will work,” said Guido, chief executive of cyber-security firm Trail of Bits.
