Used Swift? You could have been spied on

Dubai - Dubai-based EastNets assures no hacking occurred

Amidst reports that hackers released documents and files that cyber-security experts said indicated the US National Security Agency (NSA) had accessed the Swift interbank messaging system, Dubai-based Swift service bureau EastNets clarified on Saturday that none of its data "has been compromised in any way".
"[There is] no credibility to the online claim of a compromise of EastNets customer information on its Swift service bureau," the company said in a statement to Khaleej Times. "The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded. The EastNets Network internal security unit has ran a complete check of its servers and found no hacker compromise or any vulnerabilities," it said.
EastNets was one of the Swift service bureaus tagged by The Shadow Brokers, a group who released the files. The NSA's move allowed it to monitor money flows among some Middle Eastern and Latin American banks.
"The EastNets Service Bureau runs on a separate secure network that cannot be accessed over the public networks. The photos shown on Twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013."
Quoting its CEO and founder Hazem Mulhim, EastNets added: "While we cannot ascertain the information that has been published, we can confirm that no EastNets customer data has been compromised in anyway. EastNets continues to guarantee the complete safety and security of its customers data with the highest levels of protection from its Swift-certified service bureau."
The release included computer code that could be adapted by criminals to break into Swift servers and monitor messaging activity, said Shane Shook, a cyber-security consultant who has helped banks investigate breaches of their Swift systems.
Some of the records released by The Shadow Brokers bear NSA seals, but Reuters could not confirm their authenticity. The NSA could not immediately be reached for comment.
Also published were many programs for attacking various versions of the Windows operating system, at least some of which still work, researchers said.
In a statement to Reuters, Microsoft, maker of Windows, said it had not been warned by any part of the US government that such files existed or had been stolen.
"Other than reporters, no individual or organisation has contacted us in relation to the materials released by Shadow Brokers," the company said.
The absence of warning is significant because the NSA knew for months about the Shadow Brokers breach, officials previously told Reuters. Under a White House process established by former President Barack Obama's staff, companies were usually warned about dangerous flaws.
Shook said criminal hackers could use the information released to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank. "The release of these capabilities could enable fraud like we saw at Bangladesh Bank," Shook said.
The Swift messaging system is used by banks to transfer trillions of dollars each day. Belgium-based Swift downplayed the risk of attacks employing the code released by hackers. Swift said it regularly releases security updates and instructs client banks on how to handle known threats.
"We mandate that all customers apply the security updates within specified times," Swift said in a statement. Swift said it had no evidence that the main Swift network had ever been accessed without authorisation.
It was possible that the local messaging systems of some Swift client banks had been breached, Swift said in a statement, which did not specifically mention the NSA. When cyber-thieves robbed Bank of Bangladesh last year, they compromised that bank's local Swift network to order money transfers from its account at the New York Federal Reserve.
The documents released by the Shadow Brokers indicate that the NSA may have accessed the Swift network through service bureaus. Swift service bureaus are companies that provide an access point to the Swift system for the network's smaller clients and may send or receive messages regarding money transfers on their behalf. "If you hack the service bureau, it means that you also have access to all of their clients, all of the banks," said Matt Suiche, founder of the UAE-based cyber-security firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.
The documents posted by the Shadow Brokers include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.
- business@khaleejtimes.com