SWIFT eyes new technology to spot cyber theft

By Tom Bergin LONDON (Reuters) - The SWIFT secure messaging service, which banks use to transfer money around the world, outlined on Friday areas in which it hopes to improve security, following attacks in which hackers stole millions of dollars from banks in Bangladesh and Ecuador. SWIFT said on Friday it would consult its users, which are also its owners, about new measures, including the potential to develop new tools that could allow it to spot fraudulent payment instructions. Historically, the Society for Worldwide Interbank Financial Telecommunication's (SWIFT) core business has focussed on simply passing authenticated messages between banks. In future it may seek to check inside the messages to ensure payment instructions are consistent with customers' normal account patterns -- akin to the checks retail banks conduct to spot unusual credit card transactions. The Belgium-based co-operative has been the backbone of international finance for four decades and revelations in recent months that several banks have suffered attacks on their SWIFT terminals has hit confidence in a service previously seen as totally secure. In February, thieves hacked into the SWIFT system of the Bangladesh central bank, sending messages to the Federal Reserve Bank of New York allowing them to steal $81 million. The attack followed a theft from Banco del Austro in Ecuador that netted thieves over $12 million and a previously undisclosed attack on Vietnam's Tien Phong Bank that was not successful. On Friday, European Banking Authority Chairman Andrea Enria urged authorities in European Union member states to stress-test their financial institutions for cyber risks, warning banks might be required to hold extra capital as a buffer against what is an emerging threat. SWIFT said it will also look into requiring customers to use existing security measures, such as two-factor authentication of payment instructions, which are currently optional on the system. The group will also look at developing new audit frameworks such that larger banks offering correspondent banking services can confirm that their clients -- often in developing countries -- have appropriate security measures in place around their SWIFT terminal. SWIFT said it would seek to encourage banks, which have hitherto been reluctant to inform others when they are attacked, to share information so that trends and tactics in cyber criminal behaviour can be identified and tackled. The co-operative may also devise new systems for cancelling payment instructions. Currently cancellation messages can only be sent between users which have a direct banking relationship. This makes it harder to cancel a fraudulent instruction sent via intermediary banks. (Reporting by Tom Bergin; editing by Susan Thomas)