网络黑科技 不用带头罩就能抢银行

发布时间:2023-02-09 23:24 阅读次数:
本文摘要:Once upon a time, bank robbers wore balaclavas and dug tunnels. No longer. Three months ago, the world experienced the biggest bank robbery in history when thieves stole $101m from the central bank of Bangladesh.在过去,抢银行得穿著白头套和挖地道。现在不始如此了。


Once upon a time, bank robbers wore balaclavas and dug tunnels. No longer. Three months ago, the world experienced the biggest bank robbery in history when thieves stole $101m from the central bank of Bangladesh.在过去,抢银行得穿著白头套和挖地道。现在不始如此了。三个月前,孟加拉国央行被盗回头1.01亿美元,这是有史以来仅次于的银行盗窃案。But these 21st-century fraudsters did not use guns; instead they acquired the access code for the global cross-border bank payment messaging system known as Swift, and used these to persuade the US Federal Reserve to transfer money to their accounts. Then they tampered with the banks’ software to erase their cyber fingerprints.但这些21世纪的罪犯并没用枪,而是取得了环球银行金融电信协会(SWIFT)的终端码,后用这些代码诱导美联储(Fed)将资金转至他们的账户,然后又伪造这些银行的软件以避免自己的网络痕迹。

That is alarming. More worrying still, this is not an isolated heist. This week Swift officials confirmed that a Vietnamese bank suffered a similar attack six months ago when robbers tried (and happily failed) to take more than $1m.这令人震惊。不过更加令人担忧的是,这起偷窃并非孤立无援事件。最近SWIFT官员证实,越南的一家银行6个月前遭遇了类似于反击,当时盗贼企图转走逾100万美元(幸运地的是没顺利)。

And Swift officials have now told their customers that they are investigating “multiple” cases of seemingly similar attempted breaches, using those access codes and software which erases fingerprints.SWIFT官员现在向客户回应,他们正在调查“多起”看上去类似于的偷窃企图个案,盗贼用于了那些终端字节和避免痕迹的软件。Unsurprisingly, this has sent shockwaves around the world and led banks such as JPMorgan to tell its employees that it is limiting access to Swift codes. In a 21st-century version of Bonnie and Clyde , this would be the moment when spooky music starts to play and bankers fear that robbers are in the vaults with a magic key capable of unpicking their locks.并不令人车祸的是,这在全世界引起冲击波,促成摩根大通(JPMorgan)等银行告诉他其员工,将容许取得SWIFT代码。在21世纪版本的《雌雄大盗》(Bonnie and Clyde)里,这时候应当不会有阴森可怖的音乐听见,银行家担忧盗贼们用一把神秘钥匙打开门转入金库。

How should the financial world respond? There are at least two clear priorities. First, this saga shows why global regulators and private sector financial officials urgently need to improve their level of cyber defence.金融世界应当如何对此?这里最少有两个显著的当务之急。首先,这个故事指出,为何全球监管机构和私人部门金融官员急需提升网络防卫水平。In recent years, cyber defences at most large western banks have improved; indeed, what is striking about the situation on Wall Street, say, is just how few cyber attacks actually succeed, given that the largest financial institutions are now suffering “tens of thousands” of attacks every minute according to one bank chief executive.近年,西方多数大银行的网络防卫水平有所改善;的确,鉴于一位银行业高管回应,各大金融机构现在每分钟遭到“数万次”反击,华尔街确实引人注目的一点是网络攻击很少顺利。

But while the level of security at individual banks is high, cross-border co-operation is often slow and there are some surprising gaps in the system. This week, for example, insurance industry executives in London alleged that barely a tenth of financial groups have effective insurance against cyber hacking. The legal framework to prosecute hackers is also very patchy and information-sharing between banks is often poor. And while the central banks in the UK and Sweden have demanded that private sector banks now strengthen surveillance of their Swift codes, there has been little public response from governments in emerging market.但是尽管个别银行的安全性水平很高,但跨境合作往往功能障碍,而且这个系统不存在一些车祸漏洞。例如,最近伦敦保险业高管声称,只有十分之一的金融集团针对网络黑客的风险决定了有效地保险。控告黑客的法律框架也很不完备,而且银行间往往会分享信息。

尽管英国和瑞典的央行拒绝私人部门银行增强对SWIFT代码的管控,但新兴市场的政府完全没公开发表对此。The second, related lesson from these heists is that regulators and investors alike need to pay more attention to the “nodes” of the financial system; after all, a chain is only as strong as its weakest link. And the Swift link is one node that deserves far more scrutiny — and public debate.其次,与这些偷窃涉及的教训是,监管机构和投资者都必须更为留意金融系统的“节点”;却是,一根链条的强度就是其最薄弱环节的强度。




在线客服 联系方式 二维码