Russia's central bank: Hackers stole $6m from local bank in 'classic scheme' abusing Swift network

Russia's central bank has said that hackers stole 339.5m rouble ($6m, £4.2m) from a Russian bank last year by exploiting Swift (the Society for Worldwide Interbank Financial Telecommunication) — the global banking industry's payments messaging system.

The central bank described the latest cyberattack as a "classic scheme", which was reportedly disclosed at the bottom of a report on digital thefts in the Russian banking sector. According to the report, the central bank said it was sent information regarding "one successful attack on the work place of a Swift system operator".

"The volume of unsanctioned operations as a result of this attack amounted to 339.5 million roubles," the central bank said without naming the institution involved or specifying when the attack took place.

It has not disclosed any details regarding the possible perpetrators behind the cyber heist.

A central bank spokesman said that threat actors managed to take control of a computer at a Russian bank and exploited the Swift network to transfer millions to their accounts, Reuters reports.

"The Swift payment system was used exclusively as a channel to withdraw the stolen funds," the central bank said in a statement. "The bank - and the Swift operator's workplace in particular - were the primary targets of the attack."

Used by more than 11,000 financial institutions in over 200 countries around the world, the Swift network is used by banks globally to transfer trillions of dollars daily.

However, the Brussels-based company warned last year that cybercriminals are increasingly leveraging sophisticated techniques and means to carry out cyber heists and has encouraged financial firms to tighten the security of computers used to transfer funds.

Natasha de Teran, a spokeswoman for Swift, said the firm does not comment on individual entities but emphasised that its systems have never been compromised by hackers.

"When a case of potential fraud is reported to us, we offer our assistance to the affected user to help secure its environment," she was quoted as saying by Reuters.

In recent years, hackers have targeted a slew of banks worldwide to gain access to the Swift network and initiate fraudulent money transfers.

Over the weekend, India's City Union Bank said "cybercriminals" hacked its systems and transferred nearly $2m through three "fraudulent remittances" via Swift to accounts in Dubai, Turkey and China.

In December 2017, Russian state bank Globex said it was targeted by hackers who tried to steal 55m rouble via the Swift system.

In February 2016, cybercriminals swiped $81m from the central bank of Bangladesh while Ecuadorian bank Banco del Austro lost around $9m to digital thieves in January 2015. Far Eastern International Bank in Taiwan and NIC Asia Bank in Nepal have also fallen victim to similar cyberattacks.