Hardening your SWIFT Environment

Dear Esteemed Clients,
Following various incidents and threats to the security of the SWIFT Messaging System used by the majority of banks in the country, Digital Encode found it necessary to circulate the following tips to help financial institutions secure their SWIFT Environments.
Recommendations
1. User Access Management: Proper user management should be observed at both the Application and Operating System (OS) level for all SWIFT Platforms. Being a critical environment, only specific users who require access to these platforms must be permitted. For added security, we also suggest implementing a jump host, so that users requiring remote access to the SWIFT Servers can only connect through this jump host.
2. Network Security: For optimum network security around the SWIFT Environment:

(i) Ensure that all SWIFT Servers are placed in a secured segment and behind a firewall.

(ii) All permitted IPs should be bound to the user's MAC address to prevent spoofing attacks.

(iii) Deny all inbound and outbound connections to the internet or ensure strict internet filtering if required.

3. Implement Secure Protocols & Services: Ensure that SWIFT Message partners (interfacing applications) connect to the SWIFT Servers through SFTP. All other unnecessary and insecure services should be disabled on the servers.
4. Update Security Patches and Antivirus: Windows Security Patches and Antivirus on the SWIFT Servers should be regularly updated. A process should be in place for a party other than those responsible for running the updates to regularly validate this.
5. Monitoring: Ensure all SWIFT Servers have a File Integrity Monitoring solution that is adequately configured to detect unauthorized access/changes to pertinent files and folders, especially folders where transaction requests are dropped. The servers should also be enrolled on a SIEM tool, and it should be confirmed that all of them are reporting logs to this tool. There should be audit trails for all activities, and the logs should be regularly monitored.
6. Multi Factor Authentication:

(i) If not already implemented, all users on the SWIFT Alliance platform should have Multi Factor Authentication applied to their profiles on the Application.

(ii) Multi Factor Authentication should be implemented on all the SWIFT Servers, i.e. at the OS level.

7. Secure Mailing Culture: A malicious individual can easily spoof emails and links. Users of the SWIFT Platform should learn to recognize such scenarios and be continually sensitized through information security awareness programs and training, to keep them abreast of the various and new methods hackers use to carry out attacks on their social engineering targets.
By Digital Encode Cybersecurity Advisory Team
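
The file integrity check recommended in item 5, as an added example that is not part of the original advisory or any Digital Encode tooling: it hashes every file in a drop folder with SHA-256 and reports what changed since a known-good baseline. The folder contents, file names and function names are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(folder):
    """Map each file's path (relative to folder) to its SHA-256 digest."""
    root = Path(folder)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digests[path.relative_to(root).as_posix()] = hashlib.sha256(
                path.read_bytes()
            ).hexdigest()
    return digests


def compare(baseline, current):
    """Return files added, removed or modified since the baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(
            name for name in set(baseline) & set(current)
            if baseline[name] != current[name]
        ),
    }


def demo():
    """Run the check on a constructed drop folder (sample data, not real messages)."""
    with tempfile.TemporaryDirectory() as tmp:
        drop = Path(tmp)
        (drop / "request_001.txt").write_text("constructed sample A")
        (drop / "request_002.txt").write_text("constructed sample B")
        baseline = snapshot(drop)  # taken at a known-good point

        (drop / "request_001.txt").write_text("constructed sample A, altered")
        (drop / "request_002.txt").unlink()
        (drop / "request_003.txt").write_text("constructed sample C")
        return compare(baseline, snapshot(drop))


if __name__ == "__main__":
    for kind, names in demo().items():
        for name in names:
            # In production this line would be forwarded to the SIEM, not printed.
            print(f"ALERT {kind}: {name}")
```

In a live drop folder new files arrive as part of normal operation, so each reported change still has to be matched against the interfacing application expected to have written it; this sketch only detects the change.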
