SWIFT Guard detects and mitigates targeted Advanced Attacks against SWIFT global money transfer networks system
Illusive networks, the leader in Deceptions Everywhere® cybersecurity, today announced SWIFT Guard, the first cyber deception technology designed to detect, report and mitigate targeted attacks against SWIFT banking systems.
Recently the SWIFT banking system proved a highly attractive target for Advanced Attackers, as illustrated by the $81 million cyber heist from the Bangladesh Bank, which has been followed by a dramatic increase in SWIFT targeted attacks around the globe.
Defending the SWIFT banking network presents unique challenges. It is very difficult for financial institutions to quickly update and patch wire transfer mission-critical systems. Conventional prevention technologies have failed to properly defend financial institutions. Smaller banks with minimal cyber defense resources have also served as weak links in the chain.
illusive continues to pioneer the deception-based cybersecurity market with its newest cyber deception technology aimed specifically at securing SWIFT banking networks. SWIFT Guard deploys a purpose-built family of SWIFT Deceptions to lure the attacker to multiple decoy SWIFT systems, provides real-time source-based forensics, and detects attacker’s lateral movements aimed at the SWIFT network in real-time.
“The vast majority of attention and budgets continue to be allocated to prevention tools, which are proving ineffective in protecting against advanced attacks that caused severe damage and financial loss to financial institutions worldwide,” said Shlomo Touboul, CEO, illusive networks. “It’s also not easy to upgrade the SWIFT configuration. An overall blanket is needed to close the gap in security. Deception based technology is the last chance to detect and mitigate sophisticated attacks aimed at the SWIFT system.”
In a SWIFT attack, hackers penetrating any endpoint in the network, use existing attack vectors and move laterally in search of SWIFT user and admin credentials, as well as SWIFT entities such as the SWIFT SAA, SAG, SWIFT SWP and MQ etc. illusive SWIFT Guard deploys deceptions on every end-point in the networks, making it appear to attackers as if they are infiltrating the real SWIFT system. In actuality, they are interacting with decoy SWIFT systems, entities, objects and credentials (“deceptions”). When attackers activate any of the deceptions, they are immediately detected, reported specifically as a SWIFT attack, and forensics data is automatically obtained from the source endpoint targeting SWIFT, and the attack is mitigated.
Even attackers who are already established in the customer network and try to move to any SWIFT entity will be detected. illusive SWIFT Guard deceptions are invisible to regular users and IT personnel, offering protection against insider and external attackers without generating any false positive alerts.
Many SWIFT installations use older SWIFT versions that do not meet current SWIFT security standards, and are costly and difficult to update. SWIFT Guard closes the security gap by detecting and mitigating against attacks regardless of version and configuration.
SWIFT Guard combines with illusive networks’ Attacker View, which reveals all attack paths to the SWIFT network. This allows defenders to understand where their network is exposed and make calculated decisions on how to optimize deception policy.