Costs of bank cyber thefts hit SWIFT profit

CERT-LatestNews Security News ThreatsCybercrime
SWIFT is operated as a service to all banks.

SWIFT is operated as a service to all banks.

Dealing with cyber hacks on banks ate into profit last year at the SWIFT messaging system, which financial institutions use to move trillions of dollars each day.

Hackers stole $81 million from the Bangladesh central bank in February last year after gaining access to its SWIFT terminal, and the emergence of other successful and unsuccessful hacks rocked faith in a system previously seen as totally secure. Despite this, traffic increased on the network last year, hitting an all-time peak in June of over 30 million messages.

SWIFT’s 2016 profit before tax and rebates to its owner-customers fell by 31% to €47 million ($53 million), following additional investments in security, the co-operative said in its annual report published on Friday.

Chairman Yawar Shah said Belgium-based SWIFT — the Society for Worldwide Interbank Financial Telecommunication — had linked management goals and incentives to security targets.

SWIFT, which was criticised by some former staff and customers for failing to have spotted weaknesses in its customers’ operating practices, has expanded its security teams and developed new tools to help clients monitor transactions and spot anomalies.

  See also

Its ability to pre-empt attacks was limited by its customers’ historic failure to share information about hacks, SWIFT said.

SWIFT is operated as a service to all banks, so cash surpluses are usually distributed to customers via rebates and ever-lower prices, rather than via dividends.

Customers received no rebate for 2016. In 2015 the rebate was €33 million.

Copyright 2017 Reuters Limited. All rights reserved. Republication and redistribution of Reuters content is expressly prohibited without the prior written consent of Reuters. Reuters shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Our comments policy does not allow anonymous postings. Read the policy here