Short Bytes: Hackers of seemingly morally-bound nature have revealed more insights into the NSA’s activities. This time, the documents obtained by a group called Shadow Hackers have shown that the National Security Agency has managed to gain access to the global money transfer system in banks. This, most likely, had been carried out by exploiting a vulnerability in software that’s commercially available for millions of users.Hackers of all natures exist, but some of them are rather humane when it comes to people getting involved in nefarious activities. On this occasion, documents and files released by a hacker group reveal that the NSA has breached global money transfer systems. According to additional details of these documents, the agency was most likely able to accomplish this by exploiting a weakness in a widely available software.
The hacktivist group calls itself the Shadow Brokers and the released documents also show that the NSA had accessed the SWIFT money transfer system in both Middle East and Latin America. This is not the first time that the group has led its crusade against the security agency. Previously, it revealed a password for an encrypted folder that contained the tools the NSA used for hacking purposes.
Matt Suiche, who is the founder of cybersecurity firm Comae Technologies, states that the entities using SWIFT to facilitate transactions were using Windows servers that hinted a strong level of vulnerability. This is what helped the NSA take a piggy-back ride and penetrate the entire system, according to Reuters.
“As soon as they bypass the firewalls, they target the machines using Microsoft exploits. We now have all of the tools the NSA used to compromise SWIFT (via) Cisco firewalls, Windows.”
Microsoft claims that the vulnerabilities have been patched, but that is not going to help if the NSA has managed to find its way through the system. Some authorities such as the Belgium-based SWIFT division have stated that they didn’t manage to find any evidence that any unauthorized personnel accessed their network. Whether they are attempting to hide the fact that their system is weak to attacks like this or is completely robust from a security point of view, it is yet to be confirmed.
If a breach like this is possible, then it is also possible for other malicious hacking groups to start taking advantage of these vulnerabilities in the SWIFT network.
For now, companies that are involved in this should make more efforts to strengthen their network. Will we see more document leaks from the Shadow Brokers? It looks like the time will tell.
If you have something to add, drop your thoughts and feedback.