A foiled hacking attack on a small Vietnamese bank may have been a practice run for an $81 million cyber assault on Bangladesh's account at the Federal Reserve Bank of New York, and points to vulnerabilities in how banks connect to the SWIFT interbank messaging system.

Vietnam's Tien Phong Commercial Joint Stock Bank, known as TPBank, informed the country's regulators on Monday that it had fended off a fraudulent transfer request late last year for more than 1 million euros ($1.13 million). The request came through a third-party service that the bank used to connect to the SWIFT interbank messaging system, the Hanoi-based lender told the central State Bank of Vietnam. The regulator said it's investigating, though the incident didn't result in any losses.

"What cyber criminals have been trying to do is focus on banks that might be using outdated versions of SWIFT or third-party vendor software," said Kenneth Wong, cyber security leader of PricewaterhouseCoopers China and Hong Kong, calling the Vietnam attack "most likely" a warm-up for the Bangladesh incident. "There's always a race between software companies and hackers."

Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.

Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
  • Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.