Commercial Bank of Ceylon website hit by hack attack

The Sri Lanka-based Commercial Bank of Ceylon has released a statement admitting that a "hacking attack" on its website resulted in a successful intrusion - however, it maintained that no customer data has been compromised.

The bank, which released a statement in the wake of major cyberattacks targeting the Bangladesh central bank and an unnamed firm in Vietnam, claimed to have successfully defended itself and said its systems have now been fully restored.

A notice posted to the bank's website confirmed: "There was a hacking attack on our website and the bank took immediate corrective steps. Our systems are fully secure and operational. The hacking attack was also immediately communicated to the relevant authorities.

"We confirm that no sensitive customer data or valuable passwords were lost due to this intrusion. We are taking every measure to protect the privacy of our customers and have engaged external parties to review all our systems to ensure that no vulnerabilities exist."

The statement did not elaborate on when the so-called 'intrusion' took place or exactly what computer systems were targeted by hackers. The breach notification notice has been pinned to the front page of the website. IBTimes UK contacted the bank for additional comment but had received no response at the time of publication.

Indeed, a hacking group recently posted what purported to be information from a Sri Lanka-based Commercial Bank online, as reported by Bank Info Security. The leaked files allegedly included 158,276 files in 22,901 folders and featured annual reports, application forms, financial statements, PHP files, web development backups and other documents from the bank's corporate front-end website. Based on analysis of this data dump, no customer data appeared to be present and security researchers concluded the data was old. The links to the data dump have since been removed from the web.

The news comes after similar disclosures from the Qatar National Bank (QNB). As previously reported, hackers released data that included names, addresses, credit card data and National ID numbers of QNB customers – alongside more suspicious information that was labelled as belonging to Al-Jazeera journalists, the Al-Thani Royal Family and even members of the country's security services.

Additionally, the Celylon cyberattack has emerged as hacking collective Anonymous continue to launch cyberattacks against a slew of financial institutions as part of 'Op Icarus'. It remains unclear if the Sri Lanka incident was the result of a distributed-denial-of-service (DDoS)-style assault, an SQL injection tool or if the attacker was using more sophisticated methods.

A global cyber-scheme

Making matters more complicated, in recent weeks a number of banks have been targeted by hackers with darker motives. The Commercial Bank statement comes after it was confirmed a bank in Vietnam successfully foiled a cyberattack that attempted to compromise sensitive data via the Swift secure messaging service – which is used by over 11,000 financial institutions to send messages and large sums of money across the globe.

The firm in question, Hanoi-based Tien Phong Bank, revealed that in the fourth quarter of last year it identified suspicious requests sent through fraudulent messages on the 'Swift' platform that was trying to transfer more than $1m. Tien Phong was quick to stress the attack did not cause any loss of information and that its connection to Swift was not compromised.

However, the Bangladesh central bank, which was attacked in February, was not so lucky. As previously reported, hackers were able to steal roughly $81m (£56m) from its account at the Federal Reserve Bank of New York and then transfer the funds to various bank accounts located in the Philippines.

For its part, Swift recently released a statement acknowledging "a small number of recent cases of fraud." It said: "First and foremost we would like to reassure you again that the Swift network, core messaging services and software have not been compromised.

"The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyberattacks, or a combination of both."

Meanwhile, BAE Systems has released an in-depth report claiming the malware used in these previous attacks was similar in design to that used in the cyberattack against Sony Pictures in 2014.