In February 2016, $951 million was hacked from the Central Bank of Bangladesh. This was the largest amount of unauthorized access to the Swift system. That’s why it got discussion all over the world. This type of hacking is not uncommon.
In 2013, $250,000 was hacked from Sonali Bank of Bangladesh. In 2015, 12 million was hacked from a bank in Ecuador called “Baco del Astrue”. With the development and use of technology, this type of hacking is happening all over the world. Some get publicity, some get lost and some are kept secret. That is why some people do not get any discussion.
During the festive season, unauthorized money transfers from a well-known commercial bank in Nepal using the Swift system caused a great stir in the Nepali banking and financial sector as well as in the IT sector. Therefore, this article discusses SwiftSystem, its security and the use of this system.
What is Swift System?
The Society for Worldwide Interbank Financial Telecommunication, or Swift for short, is a Belgian company founded in 1973, about 44 years before today. Which has been providing a secure means and system of remittances to banks and financial institutions around the world. Tens of thousands of banks around the world have joined this network and have been providing remittance and receiving services to customers through Swift service.
How does money go from one country to another?
Money will not be transferred to banks from Swift system itself. This is to give official instructions to send money through this medium. Funds are transferred between member banks on the basis of this instruction. For example, if you have to send money from a bank in Nepal to a relative’s account in a US bank, Swift is used, which is done through the following procedure: On the basis of that, the employees of Nepali Bank go to the Swift system and send instructions in a certain format i.e. Swift message for sending money and send the message to the concerned bank in USA. As soon as the US-based bank receives the message, the amount is deducted from the Nepali bank’s account in the US and sent to the account of the person concerned as written in the message.
Even if the person concerned has an account with another bank in the US, remittances are sent from the US using internal systems and the accounts are reconciled. In technical language, the account of a Nepali bank is called a Nostro account. Also, the account of the foreign bank in Nepal is called the Vostro account.
This is how money is transferred through Swift all over the world. Swift distributes subscriptions to banks to provide this type of facility. Swift also charges a membership fee and remittance commission. So some people see it as an expensive service. In any case, Swift is an established and universal inter-banking system worldwide.
Risks and challenges of Swift
With the use of technology, the risks and challenges are increasing day by day. That is why cyber security has become one of the most challenging issues in the world today. Whether it’s the US election or North Korea’s nuclear test, cybercrime, information leaks are always the talk of the town.
In the 21st century, financial transactions have become part of the computer system, so the way to commit financial crimes has changed.
From stealing information, destroying information, blocking services to stealing money in bank accounts, new information technology methods have been adopted. Organizations of hackers committing such crimes have been active all over the world as an organized gang. Countries where the law is weak, technology is not so strong and secure have been found to be their target.
Lately, hacking incidents have also started appearing in Nepal. There have been many incidents in Nepal where various foreign nationals have withdrawn money using fake ATM cards. Although other types of hacking are also seen in abundance, in most cases such incidents have been found with the connivance of internal employees.
Swift is also not immune from this type of hacker target. You need to have access to that system to hack any system. You also need to know the user ID and password to open the system. Therefore, looking at the nature of hacking in different countries, it has been found that after months of trying to get information about the system, it has been misused and money has been transferred illegally. First of all, to collect the information they need , they send malicious programs such as malware, spyware, etc. to collect the information. It has been found that after receiving the required information in an unauthorized manner, the information is being misused in an appropriate time and money is being transferred illegally.
The hacking that took place in Central Wak of Bangladesh in February 2016 was also done on the 4th and 5th of the two-day public holiday in Bangladesh. Recently, hacking was done in Nepal during the three-day holiday of Laxmi Puja. So we can also assess the risk through hacking methods.
Weak network security is a significant risk. Another risk and challenge is not being able to identify in time the harmful programs like viruses, malware, spyware that come from the network or via email. Another sensitive risk is not regularly testing your sensitive systems, not updating programs, and not being able to use state-of-the-art security systems properly.
Measures to secure the Swift system
In order to keep the Swift system safe, it is necessary to pay attention to various things in the computer system. In general, the following measures can be taken to minimize the risks to the SwiftSystem.
1. System Updates
Just as we give our children immunizations against DPT, polio, measles, hepatitis, etc. to prevent any future disease, so also the computers and servers we use are infected with viruses, spyware, rootkits, malware, and backdrops. The system needs to be updated regularly to prevent leaks of important and sensitive information. Regular updating of system and application software is a primary security measure.
2. Use of Security Software
Antivirus and Antispyware The use of Antivirus and Antispyware helps to protect our computer system from malicious programs such as viruses, spyware, rootkits, malware, and backdrops. SwiftSystem’s servers and all other computers running this system must use antivirus and antispyware. Also, such antivirus and antispyware should be updated regularly.
3. Network Security
The network we work on can also be protected by the use of various state-of-the-art firewall systems. I. D. Yes. In other words, the firewall system, including the Kshatchagakshyal Mbhatbhaatsyal Kthakatz, has the ability to identify new types of risks. D. Yes. It seems appropriate to use a firewall with technology. Also, keeping the SwiftSystem separate from the network will help reduce its access and reduce risk.
4. Email and Internet Access
Email and the Internet are the means by which viruses or similar programs spread, so email security is a challenge. Using the Internet and email only as needed can prevent the spread of the virus to some extent.
5. Use of Official Software The use
of unauthorized software also weakens the security system, therefore such software should not be used. In unauthorized software, the means of leaking information are kept in a duplicate mode through which sensitive information may be leaked unauthorisedly.
6. Passwords and Access
The passwords you use and the system you use are another important factor. So you have to be very careful while keeping sensitive passwords. Passwords need to be changed from time to time. Password access should only be provided to trusted individuals. Passwords or access codes should be changed immediately if any employee is fired or changed.
7. Regular testing and monitoring
Regular testing and monitoring of sensitive applications is an important measure. . Regular audits of the system, as well as corrective measures to address the shortcomings identified by the audit, will help secure the system. At the same time, regular monitoring and cross-verification of the activities in the sensitive system will detect any irregularities before they occur and will help in minimizing the risk by immediately adopting other security measures.
Useful Links: BishalRajwarNepali, BishalRajwarEnglish, AddUnit, OfficerBishal, PolicingStudent, GegreSoft, LBR, KKR, College Of Policing, SocialWorkNepal, WindowsActivate, Jyamuno, PolicingStudent, InnerPeace, Jyamuno, BishalRajwar.com.np, BishalRajwar.com, AddUnit, Nepalese Society, YouTube.
