Alleged NSA hack of Swift service bureau revives ‘back door’ debate – Information Management
Reports that the National Security Agency infiltrated bank servers through a Swift service bureau highlight a recurring concern for financial institutions about the unintended consequences of U.S. government snooping.
The leaks that came out late last week from a hacking collective called Shadow Brokers indicate that the NSA exploited vulnerabilities in Microsoft Windows systems to break into servers at EastNets, a Dubai company that provides outsourced Swift connectivity to 260 financial institutions and corporations.
From there, Shadow Brokers documents suggest, the NSA was able to access computers used by some Middle Eastern bank members of Swift, the Society for Worldwide Interbank Financial Telecommunication. The NSAs goal, according to The New York Times, was to track money movements and thereby gain insight into potential terrorist groups or government officials.
The most immediate danger for U.S. banks (and any Windows user, for that matter) that the weaknesses in Microsoft code still exist, rendering every internet-connected computer running Windows open to hacking has passed. Microsoft said patches for all the vulnerabilities were issued more than a month ago, so any company that is up to date on Windows patching is safe from these.
But the U.S. governments insistence on using so-called back doors to access financial and customer information remains a concern. The same tools the NSA uses to prop open doors to such information could be used by cybercriminals and nation-states with more sinister motives. And it also raises privacy issues for companies and consumers that dont want the government watching their every move.
Governments are constantly going after different networks for espionage and national security purposes, said John Carlson, chief of staff at the Financial Services Information Sharing and Analysis Center, an industry trade group. Thats a reality we recognize.
The NSA headquarters in Fort Meade, Maryland. A financial industry cybersecurity trade group is "asking for clarification" from the agency about undisclosed software vulnerabilities it may be exploiting.The FS-ISAC, whose more than 7,000 financial services members share information with each other about cyberthreats, does not have an official position on whether the NSA should be using back doors for this type of monitoring, but Carlson noted the instabilities this kind of activity causes.
We would want the government to disclose zero days a type of vulnerability in software "so those can be fixed and mitigated, he said. Theres been dialogue in the past about governments buying up zero days so they can use them for espionage and national security purposes; that puts information at risk.
Asked if the FS-ISAC was talking to the NSA about this, Carlson said: Were asking for clarification. We havent gotten answers. (The spy agency did not respond to an email from American Banker requesting comment.)
Concerns about back doors came up last year when the FBI wanted Apple to give it a key to unlock all iPhones, ostensibly for the sole purpose of viewing the San Bernardino shooters calls. Apple refused, and the government found another way to unlock the phone.
It also arose in the financial industry two years ago when a startup software company called Symphony balked at providing regulators with a back door to the instant messages of its Wall Street clients. (They worked out an agreement through which a copy of all messages is kept by a third party.)
Traces of spyware
Shadow Brokers leaked a spreadsheet on Friday that indicates the NSA was able to access and infect with its spyware computers run by several bank clients of EastNets, including Qatar First Investment Bank, Tadhamon International Islamic Bank and Noor Islamic Bank.
Later the same day, EastNets issued a statement denying it had been hacked.
Reports of an alleged hacker-compromised EastNets Service Bureau network are totally false and unfounded, the company said in its press release. The EastNets Network internal Security Unit has ran a complete check of its servers and found no hacker compromise or any vulnerabilities.
The firm said its Swift service runs on a separate secure network that cannot be accessed over public networks.
The photos shown on Twitter, claiming compromised information, are about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013, EastNets stated. It said it can confirm that no customer data was compromised in any way.
EastNets continues to guarantee the complete safety and security of its customers' data with the highest levels of protection from its SWIFT certified Service bureau," Hazem Mulhim, CEO and founder of EastNets, said in the statement.
The hacking tools that Shadow Brokers said the NSA used to monitor the Middle Eastern banks also appear to be outdated. The group pointed to seven vulnerabilities in Microsoft Windows software that were used to break into servers.
In a blog post early Saturday, Microsoft said those vulnerabilities had all been patched more than a month earlier. (Deviating from its normal practice, Microsoft did not disclose who found the vulnerabilities. This has led to speculation about possible collusion between the NSA and Microsoft.)
Microsoft declined to comment further. EastNets could not line up an executive by deadline.
In a statement provided midday eastern time Monday, Swift said it has "no evidence to suggest that there has ever been any unauthorised access to our network or messaging services.
Persistent vigilance
For now, the industry is watching this case closely.
Were still trying to understand the impact to the financial sector, said Carlson at the FS-ISAC.
We think the potential impact of the disclosures to this sector is relatively low but warrants attention," Carlson said. "Well be playing close attention to this.
Bankers, he said, should keep their systems up to date in the meantime.
Its very important to make sure all their systems are patched and that third-party providers patch their systems as well, Carlson said. There may be patches individual firms have not executed.
He also stressed the importance of having layered defense and redundant systems.
The biggest buzzword would be persistent vigilance, Carlson said. You have to be constantly vigilant about these kinds of threats. Adversaries will be looking to exploit any vulnerability out there and its up to firms to be constantly on guard, educating users on best way to defend the organization. Its part and parcel of our digital economy.
Penny Crosman is Editor at Large at American Banker.
Go here to see the original:
Alleged NSA hack of Swift service bureau revives 'back door' debate - Information Management
- NSA Ajit Doval speaks with Chinese FM Wang Yi amid rising India-Pak tension 'War not India's choice' - The Economic Times - May 11th, 2025 [May 11th, 2025]
- 'War was not India's choice and was not in the interests of any party': NSA Ajit Doval speaks to China's - Times of India - May 11th, 2025 [May 11th, 2025]
- NSA to cut up to 2,000 civilian roles - The Hill - May 10th, 2025 [May 10th, 2025]
- NSA Ajit Doval speaks with US Secretary of State 'shortly after' Indian strikes on Pak - Deccan Herald - May 10th, 2025 [May 10th, 2025]
- NSA to cut up to 2,000 civilian roles as part of intel community downsizing - The Record from Recorded Future News - May 10th, 2025 [May 10th, 2025]
- Operation Sindoor: NSA Doval engages with counterparts from US, UK, China, and Russia - Social News XYZ - May 10th, 2025 [May 10th, 2025]
- CIA, NSA to face major layoffs as Trump pushes intelligence reform - Times of India - May 5th, 2025 [May 5th, 2025]
- Dont see a major war with India, but have to be ready: Pakistan ex-NSA - Al Jazeera - May 5th, 2025 [May 5th, 2025]
- Donald Trump set to axe thousands of jobs at CIA, NSA and other agencies - Daily Mail - May 5th, 2025 [May 5th, 2025]
- 757Teamz softball Top 15: NSA moves up as Hickory perseveres to remain No. 1 - The Virginian-Pilot - May 5th, 2025 [May 5th, 2025]
- NSA head Mike Waltz and his deputy Alex Wong to exit Trump admin amid Signal chat fiasco - The Economic Times - May 5th, 2025 [May 5th, 2025]
- Trump speaks out on NSA shakeup, addresses third term talk - Fox News - May 5th, 2025 [May 5th, 2025]
- Mike Waltz, Alex Wong to resign: Here's who may replace NSA head and deputy - Hindustan Times - May 5th, 2025 [May 5th, 2025]
- A Lot of People Want the Job: Trump Says Hell Choose Waltzs NSA Replacement in Next 6 Months - The Daily Signal - May 5th, 2025 [May 5th, 2025]
- Will Steve Witkoff replace Mike Waltz as Donald Trump's new NSA? - Times of India - May 5th, 2025 [May 5th, 2025]
- Beavercreek native recognized for NSA Codebreaker achievement - Fairborn Daily Herald - May 5th, 2025 [May 5th, 2025]
- Marco Rubio to serve as acting NSA; Mike Waltz removed by President Trump - FOX 35 Orlando - May 5th, 2025 [May 5th, 2025]
- Trump says he will name new NSA within 6 months - LiveNOW from FOX - May 5th, 2025 [May 5th, 2025]
- Mike Waltz out as NSA, Rubio to serve in the interim - LiveNOW from FOX - May 5th, 2025 [May 5th, 2025]
- Mike Waltz Leaves White House for UN Witkoff Tipped as Trumps Next NSA - Hungarian Conservative - May 5th, 2025 [May 5th, 2025]
- McConnell calls out Trump for hiring amateur isolationists at Pentagon, firing NSA director - The Hill - April 8th, 2025 [April 8th, 2025]
- Trumps firing of NSA chief is rolling out the red carpet for cyber attacks - Politico - April 8th, 2025 [April 8th, 2025]
- A conspiracy theorist convinced Trump to fire the NSA director - Vox - April 8th, 2025 [April 8th, 2025]
- William Hartman Named Acting NSA Director Following Dismissal of Top Officials - ExecutiveGov - April 8th, 2025 [April 8th, 2025]
- NSA and partners Issue Guidance on Fast Flux as a National Security Threat - National Security Agency (NSA) (.gov) - April 8th, 2025 [April 8th, 2025]
- Security News This Week: NSA Chief Ousted Amid Trump Loyalty Firing Spree - WIRED - April 8th, 2025 [April 8th, 2025]
- Head of NSA and US Cyber Command reportedly fired - Cybersecurity Dive - April 8th, 2025 [April 8th, 2025]
- Trump fires Gen. Timothy Haugh from leadership of Cyber Command and NSA - DefenseScoop - April 8th, 2025 [April 8th, 2025]
- Gen. Timothy Haugh, head of NSA and Cyber Command, is fired - CBS News - April 8th, 2025 [April 8th, 2025]
- Trump's mixed tariff messaging and NSA director and deputy fired: Morning Rundown - NBC News - April 8th, 2025 [April 8th, 2025]
- NSA Director and Deputy Reportedly Dismissed: What We Know - Newsweek - April 8th, 2025 [April 8th, 2025]
- Haugh fired from leadership of NSA, Cyber Command - The Record from Recorded Future News - April 8th, 2025 [April 8th, 2025]
- Trump administration fires head of NSA and U.S. Cyber Command, along with other top officials - CBS News - April 8th, 2025 [April 8th, 2025]
- US Cyber Command, NSA Chief Gen. Timothy Haugh ousted by Trump admin - Breaking Defense - April 8th, 2025 [April 8th, 2025]
- Face the Facts: Rep. Himes talks about firing of two top NSA officials - NBC Connecticut - April 8th, 2025 [April 8th, 2025]
- NSA Issues Advisory on Fast Flux Cyberthreat - ExecutiveGov - April 8th, 2025 [April 8th, 2025]
- Loomer, far-right activist, urged Trump to remove NSA director and others: Sources - ABC News - April 8th, 2025 [April 8th, 2025]
- The NSA Sounds Security Alarm For Billions Of iPhone And Android Phones - HotHardware - April 8th, 2025 [April 8th, 2025]
- NSA director fired after Trumps meeting with right-wing influencer Laura Loomer - The Verge - April 8th, 2025 [April 8th, 2025]
- Trump fires head of NSA and Cyber Command - Nextgov - April 8th, 2025 [April 8th, 2025]
- What are the national security concerns of Trump firing the NSA, Cyber Command head? - CBS News - April 8th, 2025 [April 8th, 2025]
- Who is Timothy Haugh? The NSA chief fired amid cyber security concerns - Times of India - April 8th, 2025 [April 8th, 2025]
- NSA, CISA, FBI, and International Partners Release Cybersecurity Advisory on Fast Flux, a National Security Threat - Hstoday - April 8th, 2025 [April 8th, 2025]
- Senator King Responds to Reported Firing of NSA Director General Timothy Haugh - WAGM - April 8th, 2025 [April 8th, 2025]
- NSA warned of vulnerabilities in Signal app a month before Houthi strike chat - CBS News - March 26th, 2025 [March 26th, 2025]
- Trump said poised to fire NSA Mike Waltz for including journalist in top secret war chat - The Times of Israel - March 26th, 2025 [March 26th, 2025]
- Not the last Waltz: Trump defends NSA after security breach - The Times of India - March 26th, 2025 [March 26th, 2025]
- NSA warned about vulnerabilities in Signal prior to White House group chat fiasco - SiliconANGLE News - March 26th, 2025 [March 26th, 2025]
- NSA warned the Signal app was vulnerable last month - WTIC - March 26th, 2025 [March 26th, 2025]
- Codebreakers and Covert Agents: The Women Behind the NSA and CIA heads to Illinois State Museum - WAND - March 26th, 2025 [March 26th, 2025]
- NSA warned about using Signal a month before leak of Houthi strike chat - CBS News - March 26th, 2025 [March 26th, 2025]
- 'Putin is giddy': NSA knew Signal was vulnerable to Russian hackers before security breach - AlterNet - March 26th, 2025 [March 26th, 2025]
- RAW: NSA MIKE WALTZ EXPECTED TO VISIT GREENLAND - Local 3 News - March 26th, 2025 [March 26th, 2025]
- US NSA likely to visit India in third week of April - Hindustan Times - March 26th, 2025 [March 26th, 2025]
- Statement from Secretary Rubio and NSA Waltz on Call with Zelenskyy - Department of State - March 22nd, 2025 [March 22nd, 2025]
- Europe must invest more in defence amid global shifts: Greeces NSA Ntokos - Firstpost - March 22nd, 2025 [March 22nd, 2025]
- NSA Bahrain, NAVCENT Hold First-of-its-Kind Exercise Vigilant Resolve - navy.mil - March 22nd, 2025 [March 22nd, 2025]
- Former NSA boss Osei Assibey Antwi picked up by NIB - GhanaWeb - March 22nd, 2025 [March 22nd, 2025]
- WHAT THE TECH? NSA recommending weekly smartphone restarts & how it improves performance - Local 3 News - March 9th, 2025 [March 9th, 2025]
- Ex-NSA cyber chief warns of devastating impact of potential DOGE-inspired firings - Breaking Defense - March 9th, 2025 [March 9th, 2025]
- Former top NSA cyber official: Probationary firings devastating to cyber, national security - CyberScoop - March 9th, 2025 [March 9th, 2025]
- Prime Targets Martha Plimpton On Her NSA Character & Why This Political Thriller Works: Never Trust People In Charge - Deadline - March 9th, 2025 [March 9th, 2025]
- Former NSA Dep. Director, Gifty Oware-Mensah will see NIB over 80k ghost names allegations - GhanaWeb - March 5th, 2025 [March 5th, 2025]
- Zelensky is not ready for peace talks, US NSA says - Mehr News Agency - English Version - March 3rd, 2025 [March 3rd, 2025]
- More Than 100 Intelligence Staffers Will Be Fired Over Sexually Explicit Texts In NSA Chatrooms, Gabbard Says - Forbes - March 1st, 2025 [March 1st, 2025]
- NSA says it is investigating potential misuse of chat platform - The Record from Recorded Future News - March 1st, 2025 [March 1st, 2025]
- 100-plus spies fired after NSA internal chat board used for kinky sex talk - The Register - March 1st, 2025 [March 1st, 2025]
- Tulsi Gabbard says more than 100 intelligence officers will be fired for sexually explicit NSA chat messages - CNN - March 1st, 2025 [March 1st, 2025]
- Elon Asked What Government Workers Did. The NSA Overshared - Schiff Sovereign - March 1st, 2025 [March 1st, 2025]
- Tulsi Gabbard Fires 100 Intelligence Officers for Sex Chats on NSA-Hosted Tool - The Daily Beast - March 1st, 2025 [March 1st, 2025]
- Elon Musk reacts to leaked chat alleging NSA, CIA officials discussed raising intersex babies as non-bina - The Times of India - March 1st, 2025 [March 1st, 2025]
- What NSA, DIA agents said about Libs of TikTok, Ben Shapiro in leaked messages - The Times of India - March 1st, 2025 [March 1st, 2025]
- NSA staff accused of lurid sex chats at work they were just discussing LGBTQ+ issues - PinkNews - March 1st, 2025 [March 1st, 2025]
- Sen. Tom Cotton reacts to lewd NSA chats: 'We don't want these people anywhere near classified information' - Fox News - March 1st, 2025 [March 1st, 2025]
- At least 100 NSA staffers to be fired for explicit chats during work hours - WDRB - March 1st, 2025 [March 1st, 2025]
- Gifty Oware-Mensah on the run as NIB investigates NSA scandal - GhanaWeb - February 25th, 2025 [February 25th, 2025]
- Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace - CyberScoop - February 25th, 2025 [February 25th, 2025]
- NSA emphasizes strong defensive posture as it responds to report it hacked China - Washington Times - February 25th, 2025 [February 25th, 2025]
- How the NSA Head of Accounts was undermined by his deputy for eight months after appointment - GhanaWeb - February 25th, 2025 [February 25th, 2025]
- What Is Proteus in Zero Day? How the NSA Weapon Changes Everything - Collider - February 25th, 2025 [February 25th, 2025]