In the wake of an orchestrated cyberattack found to be targeting numerous banks across the globe, the Bank of England issued an urgent call of all UK institutions to check for "indicators of compromise" on any computer connected to the Swift messaging service, it has emerged.
Officials close to the UK central bank, who spoke to Reuters on condition of anonymity, said the warning was issued in mid-to-late April – however is only now being made public. The order marks the earliest known case of a central bank in a major economy ordering a formal security check-up of its member banks in response the cyber-heist at the Bangladesh bank in February. In this case, which is still being investigated, hackers were able to compromise $81 (£56m) in a complex scheme.
The Bank of England reportedly told UK banks to conduct an audit of any system connected to Swift – which is used by 11,000 institutions across the globe to communicate securely and transfer funds.
It also demanded a "compliance check" to ensure that security policies put forward by Swift are being followed, alongside a check of who exactly has access to its sensitive applications and web portals.
Additionally, UK banks were given IP addresses and email addresses linked to recent attacks – which recently expanded to a second location in Vietnam – and told to check systems for any indication they had been used to target its systems. The private communications, Reuters said, told banks to respond "by early May."
Both the Bank of England and Brussels-based Swift declined to comment on plans to bolster internal security following the security alert caused by a wave of banking attacks. However, it is clear high-level officials are extremely aware of the devastation any hack on UK systems would cause.
Since the Bangladesh incident, Swift has maintained its 'core systems' were not breached by hackers and that any culpability lies with individual banks. In a statement released on 13 May, Swift said: "The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyberattacks, or a combination of both."
It is believed that a form of malware was used by the hackers to target the individual banks. Now, security firms – including FireEye – are in the process of investigating the landmark attack. Echoing calls from the Bank of England, other central banks around the world have been instructed to bulk up security measures and IT systems. As previously reported, Nestor Espenilla, the Philippines' central bank deputy governor, said: "There is absolutely no room for complacency."