NSA penetrated SWIFT banking network in Middle East: Hackers


Washington, Apr 15 (IANS): An anonymous hacking group "Shadow Brokers" that leaked online a collection of powerful hacking tools allegedly used by the US National Security Agency (NSA) has also published another set of documents that indicate that NSA penetrated the SWIFT banking network in the Middle East.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardised and reliable environment.

"This reportedly gave the US spy service a window into the financial activities of a range of organisations, including those belonging to firms in Qatar, Dubai, Abu Dhabi, Syria, Yemen and the Palestinian territories," said a report in The Wired on Saturday.

Meanwhile, EastNets Service Bureau, that provides outsourced SWIFT connectivity, on Saturday denied that its bureau was compromised and said that the reports of hack are "totally false and unfounded".

"The reports of an alleged hacker-compromised EastNets Service Bureau (ENSB) network is totally false and unfounded. The EastNets Network internal Security Unit has run a complete check of its servers and found no hacker compromise or any vulnerabilities," the bureau said in a statement.

"The EastNets Service Bureau runs on a separate secure network that cannot be accessed over the public networks. The photos shown on twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013," the statement added.

EastNets is a Dubai-based firm that oversees payments in the global SWIFT transaction system for dozens of client banks and other firms, particularly in the Middle East.

The "Shadow Brokers" is a group of anonymous hackers that published hacking tools used by the NSA last year.

According to experts, the leaks, published by the Shadow Brokers, target a variety of Windows servers and Windows operating systems, including Windows 7 and Windows 8, CNN reported.

"They may have been used to target a global banking system. One collection of 15 exploits contains at least four Windows hacks that researches have already been able to replicate," the experts were quoted as saying.

"This is quite possibly the most damaging thing I've seen in the last several years," said Matthew Hickey, founder of security firm Hacker House.

"This puts a powerful nation state-level attack tool in the hands of anyone who wants to download it to start targeting servers."

Shadow Brokers did not provide a coherent explanation of why they chose to publish the Microsoft and SWIFT vulnerabilities.

According to another report in Fortune, the group -- believed to be tied to the Russian government -- also released a set of confidential hacking tools used by US intelligence organisation the NSA to exploit software vulnerabilities in Microsoft Windows software.

The document dump -- which is mostly lines of computer code -- amounts to an emergency for Microsoft because the hacks consist of a variety of "zero-day exploits" that can serve to infiltrate Windows machines for purposes of espionage, vandalism, or document theft.

A security executive who runs the Twitter account @HackerFantastic called the development a "Microsoft apocalypse."

Other well-known figures in the security community also underscored the severity of the event for Microsoft.

  

Top Stories


Leave a Comment

Title: NSA penetrated SWIFT banking network in Middle East: Hackers



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.