By A. Ananthalakshmi and Tom Bergin
Malaysia's central bank said on Thursday it was the victim of a cyber attack in which hackers sought to steal money using fraudulent wire transfers, the latest in a series of electronic heists at financial institutions around the world.
While Bank Negara Malaysia said no funds were lost in the incident, which it identified on Tuesday and involved falsified wire-transfer requests over the SWIFT bank messaging network. It is the second known hack of a central bank after the 2016 theft of $81 million from Bangladesh Bank.
The Bangladesh heist, which also involved fraudulent SWIFT transfer requests, led financial institutions around the globe to bolster security. Authorities have yet to capture the masterminds behind that attack.
The renewed targeting of a central bank is likely to prompt financial institutions around the globe to review cyber defenses.
"You thwarted an attack but you didn’t actually catch the hackers," said Tom Kellermann, a former member of the World Bank security team. "That adversary is still out there attempting to exploit the system."
Bank Negara did not say who was behind the hack or how they accessed its SWIFT servers. The central bank, which supervises 45 commercial banks in Malaysia, said there was no disruption to other payment and settlement systems the central bank operates because of the cyber attack.
It did not respond to requests for more details on the falsified messages and how other banks were involved. It did say it had taken additional safeguards to protect stakeholders and was investigating the attack with help from local and international law enforcement agencies.
"All unauthorized transactions were stopped through prompt action in strong collaboration with SWIFT, other central banks and financial institutions," it said in a statement disclosing the hack.
Malaysian police and the U.S. Federal Bureau of Investigation, which is conducting a probe into the Bangladesh Bank heist, could not immediately be reached for comment.
SWIFT, the Society for Worldwide Interbank Financial Telecommunication, declined comment on the incident, saying it does not comment on individual entities.
"We have no indication that our network and core messaging services have been compromised," it said in an e-mailed statement.
It was unclear whether funds were paid out but intercepted at another bank. Previous thefts have involved stolen money being transferred to a number of banks before arriving at its final end destination.
Abu Hena Mohd. Razee Hassan, deputy governor of Bangladesh Bank, said the latest attack showed that the SWIFT platform remained vulnerable.
"After the attack on our central bank, SWIFT took several measures to protect the system globally but yet this is happening, meaning criminals have more ability and more capable weapons," Razee Hassan told Reuters in Dhaka. "So this is the time to further improve the financial transfer system globally."
In February, the Russian central bank said unknown hackers stole 339.5 million rubles ($6 million) from a Russian bank last year in an attack using the SWIFT system.
SWIFT has said in the past its central network has never been hacked, but terminals within some banks used to access the network have been compromised in the past couple of years.
Brussels-based SWIFT said late last year digital heists were becoming increasingly prominent as hackers use more sophisticated tools and techniques to launch new attacks.
SWIFT has declined to disclose the number of attacks or comment on the handful of cases that have become public, including attacks on Taiwan's Far Eastern International Bank and Nepal's NIC Asia Bank.
(Reporting by A. Ananthalakshmi in Kuala Lumpur and Tom Bergin in London; Additional reporting by Serajul Quadir in Dhaka and Jim Finkle in Toronto; Editing by Raju Gopalakrishnan and Nick Zieminski)