It was a case of swift action that stopped a major cybersecurity incident at Bank Negara Malaysia late last month, after a collaborative effort stopped SWIFT message fraud in its tracks.
According to the bank, falsified SWIFT messages were used to attempt unauthorized fund transfers, however a collaboration between SWIFT, central banks and financial institutions managed to block the transfers.
Bank Negara Malaysia did experience any financial loss, disruption to services or other payment systems at the time.
“The Bank is presently conducting a comprehensive investigation in collaboration with local and international law enforcement agencies on this incident.”
Bank Negara Malaysia says that its risk control measures effectively stopped the damage this time, but it is putting in place additional safeguards to protect stakeholders.
“The Bank will also remain on high alert and always be on a state of readiness as future incidents will likely involve a higher degree of sophistication and design.”
It warns other financial institutions to be vigilant about their cybersecurity and to continue strengthening defences.
“Bank Negara Malaysia would like to assure members of the public that the Malaysian payment and settlement systems remained unaffected and continue to operate normally.”
Reports suggest that SWIFT cyber attacks are becoming more common around the world and in Asia.
In October 2017, cyber attackers stole more than US$60 million from the Far Eastern International Bank in Taiwan through a SWIFT attack.
The attack used malware to gain access to the bank’s SWIFT terminals, which then transferred the stolen funds.
Earlier this year SWIFT held a data security challenge for Australian students, with the aim of finding secure ways to protect data in an open banking environment.
“The issue of how to keep personal information safe in an open environment is increasingly a question that banks are trying to tackle as open banking becomes more prevalent. This competition will challenge students to provide innovative solutions to this global industry issue. We look forward to seeing the practical concepts that are offered,” commented SWIFT Institute director Peter Ware at the time.
Bank Negara Malaysia has also warned Malaysians to watch out for fake certification programmes related to blockchain assets, crypto assets and FinTech.
A fake certificate uses the Bank Negara Malaysia and University of Malaya as fraudulent logos.
“BNM does not recognise these certificate holders who use such documentation in offering consultation services. Members of the public are advised to verify the validity of any certification programme before registering,” Bank Negara Malaysia says.
“Digital currencies are not legal tender in Malaysia. Members of the public are advised to exercise caution before investing in crypto-related assets,” Bank Negara Malaysia concludes.