On Friday, Hackers released some documents and files which cyber security experts believe that it indicates that the U.S National Security Agency (NSA) had access to SWIFT interbank messaging system, it allowed to spy on the money flows between some middle eastern and Latin American banks.
Documents and files that were released included computer code, this computer could can be used by hackers to break into the SWIFT servers and completely monitor the messaging activities, revealed Shane Shook, a cyber-security analyst and consultant serving banks to investigate the SWIFT breaches.
According to Reuters, the documents and files were released by a group who call themselves “The Shadow Brokers” Some of the documents had NSA seal on them but Reuters say, “We are unable to confirm the validity of those seals” on the documents, whether they have genuine seals or not still a debate
Reuters added that, “NSA could not be reached immediately to comment on the news”
On the other hand, Microsoft told Reuters that they didn’t receive any warning by U.S. government stating that files existed or had been stolen. Apart from reporters and news agencies, none of the organizations or individuals has contacted us regarding the documents released by The Shadow Brokers.
It is suggested that NSA knew the breach by The Shadow Brokers, some officials previously told Reuters, under the Obama administration companies were warned about the serious flaws,
Shook said, it is the serious flaw, hackers can use the code and break into the system, they can even steal the money in operations by mimicking it, as $81 million was stolen from the Bangladesh Central Bank.
SWIFT system is used by banks to transfer trillions of dollars every day. Belgium based SWIFT spontaneously reacted to the situation and downplayed the risks of attacks by employing code which was released by the hackers.
SWIFT said it is regularly monitoring the issue and releases security updates and help banks how to handle threats.
SWIFT also said in a statement to Reuters that it is possible that some of the client banks had been breached.
Last week it was also reported that NSA hacked Pakistan’s biggest mobile network “Mobilink” according to Wikileaks. Wikileaks official twitter account tweeted this update saying “A code was released which shows NSA hacked Pakistan’s largest telecom “Mobilink””
Bangladesh Central Bank was hacked and $81 million was stolen from there, Symantec revealed last month that North Korean Hacking Group was behind this hack, However, they had compromised their SWIFT which allowed transfers of millions of dollars from their bank located in Federal Reserve New York.
The documents released by the Shadow Brokers on Friday indicate that the NSA may have accessed the SWIFT network through service bureaus. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network’s smaller clients and may send or receive messages regarding money transfers on their behalf.
“If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.
The documents posted by the Shadow Brokers include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.
“That’s information you can only get if you compromise the system,” he said.
Reuters could not confirm whether the documents released Friday by the Shadow Brokers are authentic or not, but if authentic, were related to NSA monitoring of SWIFT transfers since 2013.
Some of the documents released were dated 2013, but others didn’t mention any date.