The Union Bank of India had reported a case of cyber attack on one of its nostro accounts last year on the 21st of July. At that point , the amount remained undisclosed and the breach was said to have happened from an email attachment opened by one of its employees.It was a phishing attack. An email with the handle @rbi.org.in had an attachment -a zip file with a .xer file.While one employee fell pray, some were smart to report it as suspicious. However, it was too late.The malware had entered the bank.
A sum of $171 million had been debited from its nostro account with Citibank New York .Since Swift recon happens only the next day once the nostro statement comes in , the bank’s treasury department realised only the next day.
The money by then had been moved to accounts in two banks in Cambodia—the Canadia Bank Plc and RHB IndoChina Bank Ltd, besides the Siam Commercial Bank in Thailand, Bank Sinopac in Taiwan, and a bank in Australia. These funds were routed by Citibank New York and JP Morgan Chase New York, which hold UBI’s foreign exchange accounts.
SWIFT maintains a neutral stand in the investigation primarily initiated by UBI and insists no breach at its end.However , it is high time that SWIFT looks at its loopholes -recon delays , lack of built in fraud early warning mechanism and an AI powered neural network enabled clustering system that can track such suspicious activity.
With blockchain heralding a new age of cryptographic security and unit level transparency the bank’s must also look for alternatives to the wire transfer monopoly and it’s inherent loopholes.