April 15, 2017: Hackers released documents and files Friday that cybersecurity experts said indicated the U.S. National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.
The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.
The documents and files were released by a group calling themselves The Shadow Brokers. Some of the records bear NSA seals, but Reuters could not confirm their authenticity.
The NSA could not immediately be reached for comment.
NewsGram brings to you current foreign news from all over the world.
Holes in Windows
Also published were many programs for attacking various versions of the Windows operating system, at least some of which still work, researchers said.
In a statement to Reuters, Microsoft, maker of Windows, said it had not been warned by any part of the U.S. government that such files existed or had been stolen.
“Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers,” the company said.
The absence of warning is significant because the NSA knew for months about the Shadow Brokers breach, officials previously told Reuters. Under a White House process established by former President Barack Obama’s staff, companies were usually warned about dangerous flaws.
Shook said criminal hackers could use the information released Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank.
“The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” Shook said.
The SWIFT messaging system is used by banks to transfer trillions of dollars each day. Belgium-based SWIFT downplayed the risk of attacks employing the code released by hackers Friday.
SWIFT said it regularly releases security updates and instructs client banks on how to handle known threats.
“We mandate that all customers apply the security updates within specified times,” SWIFT said in a statement.
SWIFT said it had no evidence that the main SWIFT network had ever been accessed without authorization.
It was possible that the local messaging systems of some SWIFT client banks had been breached, SWIFT said in a statement, which did not specifically mention the NSA.
When cyberthieves robbed the Bangladesh Bank last year, they compromised that bank’s local SWIFT network to order money transfers from its account at the New York Federal Reserve.
NewsGram brings to you top news around the world today.
NSA and SWIFT
The documents released by the Shadow Brokers on Friday indicate that the NSA may have accessed the SWIFT network through service bureaus. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network’s smaller clients and may send or receive messages regarding money transfers on their behalf.
“If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.
The documents posted by the Shadow Brokers include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.
“That’s information you can only get if you compromise the system,” he said.
Cris Thomas, a prominent security researcher with the cybersecurity firm Tenable, said the documents and files released by the Shadow Brokers show “the NSA has been able to compromise SWIFT banking systems, presumably as a way to monitor, if not disrupt, financial transactions to terrorists groups.”
Since the early 1990s, interrupting the flow of money from Saudi Arabia, the United Arab Emirates and elsewhere to al-Qaida, the Taliban, and other militant Islamic groups in Afghanistan, Pakistan and other countries has been a major objective of U.S. and allied intelligence agencies.
Mustafa Al-Bassam, a computer science researcher at University College London, said on Twitter that the Shadow Brokers documents show that the “NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more.”
He added that NSA “completely hacked” EastNets, one of two SWIFT service bureaus named in the documents that were released by the Shadow Brokers.
Reuters could not independently confirm that EastNets had been hacked. And EastNets, based in Dubai, denied it had been hacked in a statement, calling the assertion “totally false and unfounded.”
EastNets ran a “complete check of its servers and found no hacker compromise or any vulnerabilities,” according to a statement from EastNets’ chief executive and founder, Hazem Mulhim.
Check out NewsGram for latest international news updates.
In 2013, documents released by former NSA contractor Edward Snowden said the NSA had been able to monitor SWIFT messages.
The agency monitored the system to spot payments intended to finance crimes, according to the documents released by Snowden.
Reuters could not confirm whether the documents released Friday by the Shadow Brokers, if authentic, were related to NSA monitoring of SWIFT transfers since 2013.
Some of the documents released by the Shadow Brokers were dated 2013, but others were not dated. The documents released by the hackers did not clearly indicate whether the NSA had actually used all the techniques cited for monitoring SWIFT messages. -VOA
New Delhi: The Congress on Monday accused National Security Advisor (NSA) Ajit Doval of creating confusion over sensitive issues of national security.
“The NSA is reported to have said in an interview that ‘no peace talks now till Pakistan takes action against Pathankot terrorists and India is satisfied with Pakistan’s efforts’.
“Later, he denied having given an interview to the publication. This self-contradictory statement was in reference to the foreign secretary-level talks scheduled for January 15,” Congress spokesperson Abhishek Manu Singhvi told media persons here.
“The NSA has further compounded and confounded the confusion that seems to have become this government’s hallmark as far as dealing with extremely serious and sensitive issues of national security is concerned,” he added.
He also sought to know from the government whether the foreign secretary-level talks scheduled for January 15 were happening or not.
Posing a few more questions to the government, Singhvi asked: “What are the ‘actionable proofs and evidences’ that they have given to Pakistan?
“Has the government of Pakistan acted on these evidences and to what extent?
“Is the government satisfied by Pakistan’s actions on the actionable evidences?”
He further asked: “Are these actions sufficient enough to surmount the earlier stand of Prime Minister Narendra Modi and External Affairs Minister Sushma Swaraj that entails ‘talks and terror can’t go ahead simultaneously? Can the nation expect a clear statement by the external affairs minister or its spokesperson on this issue?”
Islamabad: If talks between India and Pakistan take place, “they are now likely to have a very different tone and tenor” due to the appointment of a retired army general as Pakistan’s NSA, a leading daily said on Monday.
An editorial “NSA appointment” in the influential daily Dawn said that in the appointment of recently retired army general Nasser Khan Janjua as the country’s new national security adviser are two stories.
“The first story is the military’s attempt to wrest away seemingly any space from the civilian government in the national security and foreign policy domains. In capturing the NSA slot, there are several advantages to the military.”
“The NSA is an important job and offers direct access to the civilian side of key foreign countries, which only awkwardly have been able to officially liaise with the military thus far. As NSA, Sartaj Aziz played a frontline role in reaching out to Afghanistan and India – and did so in a manner that reflected the civilian government’s priorities,” it said.
The daily pointed out that in the case of India, that was what led to the debacle that was Ufa. “…It is difficult to imagine Janjua being at Prime Minister Nawaz Sharif’s side and an Ufa-type declaration being approved by the Pakistani side.”
“Moreover, if talks do go ahead between the Indian and Pakistani NSAs, they are now likely to have a very different tone and tenor than if a PML-N appointee were to lead those talks,” it added.
Giving the other side of the story, the editorial noted the failings of the civilians.
“It was Sharif’s decision at the time of the cabinet formation in 2013 to retain the foreign and defence ministry portfolios for himself that set in motion a chain of events that have led to the present sorry state of affairs.”
“Compounding that original mistake, Aziz was made both special adviser on foreign affairs and NSA – merging foreign policy with national security to no obvious benefit and allowing both the Foreign Office and the NSA position to suffer,” it added.
The daily noted that the listless foreign policy performance of the government “created the opportunity for deep military intrusion”.
“Even on India, the only foreign policy issue the prime minister has shown sustained interest in, there have been a series of errors, culminating with Ufa, which has virtually eliminated any possibility of civilian initiatives on India,” the daily said.
“If the military has eagerly grabbed space for itself, it is partly because a three-term prime minister and his veteran advisers have proved utterly inept in the foreign policy and national security domains.
“…Worryingly, the government may find itself further squeezed out, even domestically.”