SWIFT publishes a report on how cyber-criminals operate and what needs to be done to stop them


The current state of cyber-crime has led to an annual total revenue of over USD1.5 trillion. Cyber-criminals frequently target banks as they can provide the necessary accessibility to funds to launder. SWIFT has published a report describing what cyber-criminals do and how they may be stopped. Here are a few highlights of this report.

Cyber-criminals follow an elaborate process to carry out large-scale cyber heists. Firstly, they need access to bank accounts that can be used to transfer the stolen or laundered cash. For ATM-related heists, criminals also recruit money-mules who act as intermediaries to take the stolen cash out of the ATMs and out of the designated ‘laundering’ accounts. If and when such a heist gets investigated by authorities, it is the money mule who is seen as being at the forefront. If the criminals do not execute this step properly, authorities can successfully catch them. Therefore, many measures designed to mitigate the risk of successful cyber-heists focus on money-mules. After a successful cyber-heist, cyber-criminals might end up reinvesting the proceeds of a cyber-heist in crimes such as drug trafficking.

Keeping this flow of money in mind, what is it that authorities need to do to catch cyber-criminals promptly? Firstly, it is important to share all relevant information with necessary authorities, national or international, to eliminate ML risks. In 2017, SWIFT set up a global information sharing initiative to facilitate the investigation of cyber incidents. It also set up a portal to share threat intelligence within the entire SWIFT member community. In addition to information sharing, compliance and reporting must be ensured and enhanced. Authorities must pay special attention to cyber security too.