Banks on alert after Malaysians foil cyberheist

In a press statement late on Thursday, the Bank Negara Malaysia said it had detected and stopped “a cybersecurity incident involving attempted unauthorised fund transfers using falsified Swift messages”.
The plot is reminiscent of the $1-billion (Bt31 billion) hack on the Bangladeshi central bank in 2016, of which $81 million found its way into the Philippine financial system.
Bangko Sentral ng Pilipinas (BSP) governor Nestor Espenilla Jr sounded the alarm to the Bankers Association of the Philippines on Wednesday after receiving the alert from his Malaysian counterparts.
He noted parallels in the modus operandi of the foiled hack attempt on the Bank Negara last week and the successful one on the Bangladeshi central bank two years ago.
“Hackers tend to take advantage of long holidays anywhere in the world, similar to the timing when they hit Bangladesh Bank,” he said, referring to the original incident in 2016, which was hit just ahead of a three-day Chinese New Year weekend.
Back then, investigators noted that hackers – now widely suspected to be acting on behalf of North Korea – used the long weekend, when bank transactions are processed with less scrutiny, to move the stolen Bangladeshi funds to the accounts with the Rizal Commercial Banking Corp.
“We now take extra precautions during such long holidays as standard operating procedure,” the BSP chief said. “The Bank Negara Malaysia incident is another reminder of need for vigilance.”
Espenilla said that, based on preliminary reports, there was no indication that the hackers would have laundered any stolen funds in the Philippine financial system had their plot been successful.
“The Bank Negara just sounded general alert to the central banking community,” he said, explaining the BSP’s precautionary alert bulletin to local banks. “In turn we alerted our own banking community. These are all in line with our international cooperation protocol.”
The Malaysian central bank did not disclose how much the hackers tried to steal through the Swift international transaction system – the same method used during the Bangladesh Bank attack. However, it said that “all unauthorised transactions were stopped through prompt action in strong collaboration with Swift, other central banks and financial institutions”.
“The bank did not experience any financial loss in this incident,” the Bank Negara said. “There was also no disruption to other payment and settlement systems that the bank operates.”
It added that it is now conducting a comprehensive investigation in collaboration with local and international law-enforcement agencies into this incident.
“The bank is pleased to note that, to date, all risk-control measures in place are effective to curtail this incident,” the Malaysian financial regulator said.
“However, the bank has taken additional safeguards to protect its stakeholders. The bank will also remain on high alert and always be on a state of readiness as future incidents will likely involve a higher degree of sophistication and design.
“Financial institutions are also advised to be vigilant of the heightened risk in cybersecurity and continue to strengthen their security safeguards against these incidents,” the Malaysian central bank said.