Global cyber-crime initiative urged after Bangladesh bank heist
US President Barack Obama has been urged by six senators to push the issue of cyber-crime at this weekend's G20 summit in China following the theft of $81m (£62m) from Bangladesh's Central Bank.
In April, cyber-attackers targeted the software behind the SWIFT network, a cooperative owned by 3,000 financial institutions around the world, by spreading malware.
Sherrod Brown, a senior Democrat on the Senate Banking Committee, and five other Democratic senators have submitted a letter addressed to the White House calling for Obama to press the world’s leaders to commit to a ‘coordinated strategy to combat cyber-crime at critical financial institutions’.
During the attack on the Bangladesh Central Bank, nearly $1bn was requested from an account held at the Federal Reserve Bank of New York using the SWIFT banking network, which is used as a secure messaging service between institutions.
Although most of the transactions were blocked, $81m was lost, disappearing into Philippines casinos, resulting in months of international accusations about who was responsible and an ongoing investigation.
"Our financial institutions are connected in order to facilitate global commerce, but cyber criminals - whether independent or state-sponsored - imperil this international system in a way few threats have," the senators wrote.
"We strongly urge you to work with your counterparts and prioritize this discussion at the G20 leaders level in September," it said of the summit to be held in Hangzhou, China, adding that "executive leadership circles across the globe" needed to pay more attention to the risks.
A senator in the Philippines has said Chinese hackers were likely to have pulled off the Bangladesh Bank heist, citing a network of Chinese people involved in the routing of the stolen funds through Manila although Beijing has dismissed the allegation.
The White House expects G20 members at the summit “to affirm their commitment to cooperate to fight cybercrime and to enhance confidence and trust in the digital economy”, a senior administration official said.
At a November summit, the G20 pledged not to conduct economically motivated cyber espionage, an agreement intended to reduce the estimated hundreds of billions of dollars’ worth of commercial trade secrets that are stolen by foreign governments seeking to benefit industry in their own countries.
World regulators should "erect more robust defences and collaborative systems to prevent and mitigate the impact of successful attacks," the letter said, noting that steps already taken by SWIFT are not enough.
"I am concerned about the response and what steps have been taken to make sure it doesn't happen again," said senator Gary Peters. "You just need more collaboration and sharing of information... because often times all these entities aren't talking to each other."
Meanwhile, virtual banks used for Bitcoin transactions have also come under scrutiny after hackers penetrated a secure authentication system at a bitcoin exchange called Bitfinex earlier this month, stealing around $70m worth of the virtual currency.
The cyber theft, the second largest by an exchange since hackers took roughly $350m in bitcoins at Tokyo's MtGox exchange in early 2014, is hardly a rare occurrence in the emerging world of crypto-currencies.
A new study has shown that a third of bitcoin trading platforms have been hacked, and nearly half have closed in the seven years since Bitcoin’s creation.
This rising risk for bitcoin holders is compounded by the fact there is no depositor's insurance to absorb the loss, even though many exchanges act like virtual banks.
Not only does that approach cast the cyber security risk in stark relief, but it also exposes the fact that bitcoin investors have little choice but to do business with under-capitalized exchanges that may not have the capital buffer to absorb these losses the way a traditional and regulated bank or exchange would.
"There is a general sense in the bitcoin community that any centralized repository is at risk," said a US-based professional trader who lost about $1,000 in bitcoins when Bitfinex was hacked.
"So when investing, you always have that expectation at the back of your head. I lost a small amount compared to the others, but I know of traders who lost millions of dollars’ worth of bitcoins."