Interbank Payment System Penetrated
Last month a hacker group calling itself Shadow Brokers released materials suggesting that the U.S. National Security Agency (NSA) has been monitoring the SWIFT interbank messaging system. If fully verified, this is a serious threat in and of itself. According to an April 14, 2017 article by Clare Baldwin in Reuters:
Hackers released documents and files on Friday that cybersecurity experts said indicated the U.S. National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.
The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.
The April 14th issue of WIRED by Andy Greenberg went into greater detail on the same story:
…the Shadow Brokers published documents that—if legitimate—show just how thoroughly US intelligence has compromised elements of the global banking system. The new leak includes evidence that the NSA hacked into EastNets, a Dubai-based firm that oversees payments in the global SWIFT transaction system for dozens of client banks and other firms, particularly in the Middle East. The leak includes detailed lists of hacked or potentially targeted computers, including those belonging to firms in Qatar, Dubai, Abu Dhabi, Syria, Yemen, and the Palestinian territories. Also included in the data dump, as in previous Shadow Brokers releases, are a load of fresh hacking tools, this time targeting a slew of Windows versions.
So what does SWIFT mean? From a WIRED magazine piece last year:
“SWIFT stands for the Society for Worldwide Interbank Financial Telecommunication and is a consortium that operates a trusted and closed computer network for communication between member banks around the world. The consortium, which dates back to the 1970s, is based in Belgium and is overseen by the National Bank of Belgium and a committee composed of representatives from the US Federal Reserve, the Bank of England, the European Central Bank, the Bank of Japan and other major banks. The SWIFT platform has some 11,000 users and processes about 25 million communications a day, most of them money transfer transactions. Financial institutions and brokerage houses that use SWIFT have codes that identify each institution as well as credentials that authenticate and verify transactions.”
We already knew that the SWIFT system had been targeted by criminals. Proof comes in the fact that $81 million was stolen from Bangladesh with $1 billion having been targeted. Other banks were targeted and some maybe successfully. This had serious implications, according to Kim Zetter in that same WIRED magazine report (May 17, 2016):
What Does the Heist Mean?
“Even if the hackers didn’t compromise the SWIFT network itself, such that all of SWIFT banks were vulnerable, it’s still bad news for the global banking process. By targeting the methods that member banks use to conduct transactions over the SWIFT network, the hackers undermine a system that until now had been viewed as stalwart.
The incidents also raise integrity issues about the trustworthiness of SWIFT reporting. The US government relies on SWIFT transaction records to alert it to suspicious money transfers that could be related to terrorism financing.”
Here is the problem. A couple of bank heists a year ago undermined the reputation of SWIFT. Now, with the NSA hacking/monitoring “tools” made public, the SWIFT system seems even more vulnerable.
For background, it is important to know that monitoring SWIFT is big business for spies. If you want to know what is happening, you follow the money. The NSA knows this and that is why they likely have been monitoring global transactions. In addition, the United States and/or United Nations have used their position to suggest that certain countries should be cutoff from SWIFT. Such a cutting off is a powerful economic weapon. Even the threat has serious ramifications. This was used recently with North Korea. Before that, SWIFT cutoff was used against Iran. Russia has feared being denied access to SWIFT so much that they created their own version. Perhaps the best known alternative was developed by China, known as CIPS (China International Payment System). According to Financial Times, the launch of CIPS was undertaken precisely because the Chinese feared SWIFT spying:
The Financial Times article also suggests that having this system will allow the Chinese renminbi to rival the U.S. dollar for global trade. At one point, the Chinese want the U.S. dollar entirely replaced and the world “de-Americanized.”
Now, with the release of the Shadow Brokers files, the Chinese and Russians have the opening argument they need to pry the world off of SWIFT and on to an alternative. Russia is already bragging about this as shown in Sputnik News:
by Pepe Escobar April 21, 2017
Enveloped in layers of subtle sophistication, there’s no way to know the deeper terms Beijing and Moscow have agreed upon behind those innumerable Putin-Xi Jinping high-level meetings.
Diplomats, off the record, occasionally let it slip there may have been a coded message delivered to NATO to the effect that if one of the strategic members is seriously harassed — be it in Ukraine or in the South China Sea – NATO will have to deal with both.
For now, let’s concentrate on two instances of how the partnership works in practice, and why Washington is clueless on how to deal with it . . .
Exhibit A is the imminent visit to Moscow by the Director of the General Office of the Chinese Communist Party (CCP), Li Zhanshu, invited by the head of the Presidential Administration in the Kremlin, Anton Vaino. Beijing stressed the talks will revolve around – what else — the Russia-China strategic partnership, “as previously agreed on by the countries’ leaders.” . . .
Follow the money
Exhibit B centers on Russia and China quietly advancing their agreement to progressively replace the US dollar’s reserve status with a gold-backed system . . .
In parallel, Russia and China are advancing their own payment systems. With the yuan now enjoying the status of a global currency, China has been swiftly promoting their payment system, CIPS, careful not to frontally antagonize the internationally accepted SWIFT, controlled by the US . . .
Whether this is bluster or serious warning, there should be little doubt that this is the story Russia is promoting. Putin has long threatened the U.S. dollar. If you believe the Russians would meddle in our election, can you be certain they wouldn’t try to undermine our financial system?
Now, connect the dots. With the newly released NSA information and the successful theft of huge amounts of money, the Chinese and Russians can argue that the Western-based system is vulnerable. They will attempt to get even allies of ours to at least connect via CIPS. Will they be successful? Likely yes. As proof remember back to how we opposed allies joining the Asian Development Bank. Yet, they joined China anyway despite our opposition. What happens if Russia and China use their very sophisticated hacker squads to turn the screws on SWIFT? And, if the Shadow Brokers release is proven accurate, will they be able to justify such activity if caught by pointing to the NSA files?
Many will no doubt argue that the Chinese economy is far too shaky for such a move. The truth is that such a move is actually more likely to occur out of desperation. If you run out of options and have nothing to lose, why wouldn’t you make a play? If the world turns away from SWIFT, that is bad enough as we lose a potent economic weapon.If the world turns to CIPS, it’s worse as we see China pick up a potentially loaded economic weapon.
The bottom line is this. Shadow Brokers have given Russia and China the justification to press their alternative to SWIFT if and when they so choose. And, if the Chinese economy starts to turn down, they may have the incentive to do so sooner rather than later. This is a serious cause for concern.
Originally published on Global Economic Warfare.