Biz-Econ

Fed still sees cyber risks nearly 2 years after BB heist

The Federal Reserve, which was at the center of an unsolved $81-million cyber heist nearly two years ago, is ready for further talks with foreign counterparts to address the lingering risks of cyber fraud in global messaging systems, a top Fed official said on Wednesday.

Simon Potter, head of market operations at the New York Fed, said the SWIFT bank messaging system is only as strong as the weakest of the central banks and financial institutions that use it to communicate and transfer trillions of dollars each day.

In February 2016, hackers broke into Bangladesh Bank’s systems and tricked the New York Fed - which maintained its account - into sending $81 million to entities mostly in the Philippines.

Bangladesh’s central bank has only recovered some $15 million of the stolen funds despite an international probe involving the U.S. Federal Bureau of Investigation.

Fixing the “deficiencies in prevention and detection may require a substantial re-orientation of priorities and resources for some institutions,” said Potter, whose unit within the U.S. central bank maintains the international accounts and oversees some $3.6 trillion in foreign dollar-denominated assets.

Potter, who did not mention the Bangladesh incident specifically, said “response regimes” need improvement and that co-operation was more important than ever.

The Fed was “ready to engage in further dialogue and co-operation with both its foreign official account-holders and fellow central bank service providers in addressing these challenges,” he told a private forum at the New York Fed, according to prepared remarks.

Last year’s heist exposed weaknesses not only in Bangladesh Bank and in SWIFT, or the Society for Worldwide Interbank Financial Telecommunication, but also in the way the Fed detects fraud and communicates with clients in an emergency.

Earlier this month, Reuters reported that Bangladesh Bank had asked the New York Fed to join a lawsuit it was considering filing against the Philippines bank through which the money was stolen. That in turn set off finger-pointing between the bank, Rizal Commercial Banking Corp, and Dhaka.

Source: Reuters