The Risks of the SWIFT network

While the world seems to be full of cryptocurrency hacks, it should not be forgotten that the SWIFT network is still a major security risk. Over the weekend it has been revealed that India’s City Union Bank has been hacked for over $2 million using the SWIFT financial platform. While cryptocurrencies are built on solid cryptography (and where poor handling of the wallets are responsible for most of the hacks), the SWIFT network is built on more traditional methods of money transfer.

The headquarters of SWIFT is in Belgium, and it supports a global network (SWIFTNet) of over 9,000 financial organisations in order to transfer of funds between banks using Business Identifier Codes (BICs), which are also known as “SWIFT codes”. At present there are around 15 million messages per day, and where the network does not hold any of the account details of its members, nor does it clear the transaction. For this it sends payment orders which are then settled by the target of the transaction. Any company which uses the SWIFT network must have a business relationship with an associated member.

The BIC value uniquely identifies the name and country of the bank — and possibly the branch. It was either 8 or 11 characters long. The Bank of Ireland’s BIC has an eight character code which is BOFIIE2D: BOFI (4 digit code for the bank); IE (Ireland ISO Code); and E2 — Location Code. We…