Sat, Oct 14, 2017 - Page 12 News List

FSC clarifies shortcomings leading to Far Eastern heist

By Ted Chen  /  Staff reporter

The Financial Supervisory Commission (FSC) on Thursday shed further light on information security shortcomings at Far Eastern International Bank (遠東商銀) that led to what could have been a US$60 million cyberheist.

The lender’s systems were breached because it did not complete required standard operating procedures, the commission said, citing findings from a preliminary investigation shortly after the hack was reported.

The bank had failed to abide by the principal of least privilege, a fundamental concept in information security entailing that user accounts should be given the minimum level of clearance to perform the tasks that they have been assigned.

Instead, the bank’s system administrators granted more “superuser” accounts than necessary out of day-to-day convenience, the commission said.

That made it easier for hackers to compromise the system, as they had more targets to infiltrate to gain high-level access on the system.

In addition, the lender did not have adequate network segmentation for their connection node to the Society for Worldwide Interbank Financial Telecommunication (SWIFT) messaging system, which is used by financial institutions to send and receive financial transaction information across the globe.

While guidelines required network segmentation for both workstation computers and servers, the bank only had fulfilled the requirement for its workstations, the commission said.

In the absence of network segmentation, the hackers were able to distract the bank with attacks to its system’s running services — such as online banking, ATMs and credit cards — while their intended target was the lender’s connection to the SWIFT system, the commission said, adding that lapses in internal control measures, such as transaction approvals, also slowed detection of the cyberattack.

Criminal Investigation Bureau section chief Chiu Shao-chou (邱紹洲) yesterday told a news conference in Taipei that Sri Lankan police arrested two of the five suspects allegedly involved in the cyberheist and that 99.74 percent of the lost money had either been recovered or at least frozen.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top