Description
SWIFT, the Society for Worldwide Interbank Financial Telecommunication, is a system that provides an electronic fund transfer standard between banks all over the world. Swift started to be actively studied and used in 1977 and is still actively used today. This system identifies each bank through the BIC (Bank Identifier Codes) code, i.e. the bank identification code.
We can define SWIFT as the system used by banks for money transfers between countries. The transfer orders prepared at the banks are transmitted to the relevant center as SWIFT messages, and after a series of verification procedures, the money transfer takes place.
In recent years, international attacks targeting SWIFT transfers have led to some significant reputational damage and high financial losses. Many important banks in Turkey and internationally have fallen victim to these attacks.
SWIFT has released a comprehensive Customer Security Program (CSP) targeting the security of users to prevent these attacks, which are becoming more frequent and causing significant damage.
The SWIFT Customer Security Program is a security program created by SWIFT to detect and prevent fraudulent activity.
With this training, you will learn the Swift Customer Security Controls Framework (CSCF), that is, what are the mandatory and advisory security controls for Swift users, and all the detailed content on virtual security in the banking sector.
About Education
Education Objectives
- Learn all controls, definitions and containers established in accordance with current information security industry standards,
- Physical protection of the environment / Securing your environment,
- Reducing the attack surface and vulnerabilities,
- Learn about restriction of Internet access and network segmentation,
- Prevent username and password information breach,
- Manage user authorizations,
- Ability to detect abnormal activity in systems or transaction logs,
- To be able to organize incident response plan and information sharing,
- Learn how to configure existing security features to be compliant with the latest CSCF.
Education Content
- SWIFT PAYMENT SYSTEMS WORKING PRINCIPLES
General definitions of payment systems
EFT infrastructure, working logic and possible security vulnerabilities
SWIFT infrastructure, operational logic and potential security vulnerabilities
Alternative payment systems and the future
Blockchain (BlockChain)
Bitcoin, the digital currency and its uses
Vulnerabilities and exploitation methods of Bitcoin and similar currencies
- RESTRICTION OF INTERNET ACCESS TO CRITICAL SYSTEMS OR SEPARATION FROM OTHER SYSTEMS
Isolating the SWIFT System from Other Systems
Controlled Account Usage
- TYPES OF CYBER-ATTACKS AGAINST PAYMENT SYSTEMS SWIFT SYSTEMS
Unauthorized SWIFT transactions via VPN scenario
Unauthorized SWIFT transactions via APT attacks against the end user
Unauthorized SWIFT transactions by exploiting server-based vulnerabilities
A sample cyber attack scenario against SWIFT Infrastructure (Hands-on)
Examples of advanced malware targeting payment systems (Odinaff, Carbanac)
Analysis of Odinaff and Carbanac malware
Penetration testing steps for SWIFT Systems
How to detect cyber attacks on the SWIFT system?
- CONTROL OF THE ATTACK AREA AND VULNERABILITIES
Internal Network Data Flow Security
Updates
System Tightening
- PHYSICAL SECURITY
- USER ACCOUNT SECURITY
Password Policies
Multi-Factor Login Verifications
- USER ACCOUNT MANAGEMENT
Account Management
Token Management
- ABNORMAL SYSTEM ACTIVITY MONITORING
Malware Protection
Software Integrity
Database Integrity
Log Mechanism and Management
- INCIDENT RESPONSE AND INFORMATION SHARING
Cyber Incident Response Planning
- CYBER SECURITY AND AWARENESS TRAININGS
- CONSULTANT SAFETY CHECKS
- CONTROLLING THE ATTACK AREA AND VULNERABILITIES
Back Office Data Flow Security
External Transmission Data Protection
User Session Integrity
Vulnerability Scanning
Non-System Critical Activities
- USER ACCOUNT MANAGEMENT
Personnel Review Process
Physical and Logical Password Storage
- ABNORMAL SYSTEM ACTIVITY MONITORING
Attack Detection
- INCIDENT RESPONSE AND INFORMATION SHARING
Penetration Tests
Scenario and Risk Analysis
- CREATING A SECURE SWIFT INFRASTRUCTURE
Developing secure SWIFT infrastructure SIEM correlation rules
Security tightening recommendations for SWIFT infrastructure and software (KB 5020786)
Isolation of SWIFT infrastructure from other networks
Intrusion and anomaly detection system deployment for a network of SWIFT systems
Security tightening of operating systems on which SWIFT software is installed
Control of authorized accounts
Decoupling SWIFT systems included in the domain environment
Tightening the communication traffic of SWIFT systems through the firewall
Sample SIEM correlation rules against potential SWIFT security exploit events
Security review of SWIFT software used in Turkey and recommendations
- BANKING PAYMENT SYSTEMS AND SWIFT SECURITY IN TURKEY
Examples of cyber attacks targeting banking infrastructure and payment systems
Case Studies (Central Bank of Russia, Bangladesh Central Bank and Vietnam TP Bank)
SWIFT attacks targeting Turkey
Banks whose licenses were revoked after the cyber attack
Cyber attacks targeting the Turkish banking sector in 2016
Who Should Receive the Training?
- All employees working in the banking sector, including technical and administrative staff (in particular),
- Security experts.
Requirements
- It is a Special Training for the Banking Sector. It does not require any prerequisites.
Plan this training institutionally!
This training can be planned in different durations and content specific to your organization. Please contact us for detailed rich content and planning to realize your training objectives.