• Tech

A New Generation of Bank Robbers Infiltrates Global Finance

4 minute read

It feels like magic: A few strokes on a smartphone and your life savings appears on a glass screen, a collection of pixels in your palm. A few more clicks and the balance ticks up or down as funds appear or are whisked away to pay a bill or send money overseas, the result of an unseen digital dialogue between your bank and another, sometimes thousands of miles away.

This instant ebb and flow is made possible in part by a vast and powerful consortium called SWIFT, the Society for Worldwide Interbank Financial Telecommunication, which facilitates the exchange of tens of millions of messages a day between thousands of financial institutions. It’s the linchpin of the international banking industry, the invisible causeway on which global commerce hums.

But the reliability of this system is now in doubt. In February, hackers infiltrated Bangladesh’s central bank and fired off three dozen forged SWIFT messages to other banks, requesting the transfer of roughly $1 billion to accounts in Asia. While a misspelling in some of the messages raised a red flag in time to stop most of the transfers, the criminals succeeded in tricking the Federal Reserve Bank of New York into sending a Philippine bank $81 million, much of which later vanished into the country’s casinos. On June 1, the U.S. House Science Committee began looking into the heist.

It was one of the biggest bank robberies in history, but the amount of money was not the real worry–$81 million is a tiny fraction of the billions moved in response to SWIFT messages every day. What shook the banking community was the breach of trust. If the legitimacy of SWIFT messages is in doubt, then the entire industry–from personal money transfers to settling securities and derivatives transactions on a commercial scale–could grind to a halt. “This is a big deal,” said SWIFT CEO Gottfried Leibbrandt at a financial-services conference in Brussels in late May. “There will be a before and an after Bangladesh.”

The Bangladesh fraud was not an isolated incident. Investigators are now aware of two more commercial banks, in Ecuador and Vietnam, that were hacked in a similar way. The Ecuadorean bank lost at least $9 million in the heist, while the Vietnamese bank identified the fraudulent SWIFT messages before acting on them. In May, researchers at the cybersecurity firm Symantec linked the attack on the Bangladesh bank to the hack on Sony in 2014, for which the FBI has blamed North Korea. Researchers say as many as half a dozen other banks may be infected with similar malware.

SWIFT, which is based outside Brussels, has scrambled to restore trust in its system by launching a new security program and begging its members to be more forthcoming about new breaches. In January 2015, after hackers first infiltrated the Ecuadorean bank’s messaging system, the bank did not report the incident, a SWIFT spokesperson noted, denying bankers in Bangladesh and Vietnam information that might have helped them detect and prevent subsequent attacks. SWIFT also announced other security improvements, including new tools to remotely monitor messages and detect anomalies in the network, and an up-to-date two-step verification system.

Meanwhile, a host of industry insiders, including cyber experts at some of the biggest U.S. banks, have recently backed efforts to build a new system of global financial communication that employs what’s known as blockchain technology, which is also used to transfer the digital currency Bitcoin. Under such a system, trust is established not through a centralized routing authority, like SWIFT, but through direct relationships, mass collaboration and code. “It’s definitely a promising technology,” said former Federal Deposit Insurance Corporation chair Sheila Bair, who also works with one company on the technology.

Liam O’Murchu, a researcher at Symantec, hopes that the recent SWIFT hacks will prompt a sea change in the financial industry. Now that hackers have demonstrated that they can exploit the SWIFT system, he said, banks should brace themselves for attacks on other parts of their digital networks, like those that manage stock prices. “It’s a constant battle to keep up with these guys,” he said, “to anticipate where they’re going to go next.”

More Must-Reads From TIME

Write to Haley Sweetland Edwards at haley.edwards@time.com