SWIFT and Microsoft bid to ease fears over 'NSA hacking'

SWIFT and EastNets deny Shadow Brokers' claims, while Microsoft says it has patched any vulnerabilities

Microsoft and SWIFT, the global banking payments system, are aiming to put to bed claims that the US National Security Agency (NSA) accessed a backdoor to the bank network using exploits in the Windows operating system.

The claims were made by the Shadow Brokers hacking group, who claim they obtained the information by after breaching the NSA's systems.

According to the hacking group, the NSA gained access to the SWIFT network after breaching EastNets, a Dubai-based SWIFT service provider - the largest in the Middle East - and retrieved sensitive information from the company.

Documents included in the release, include a 2013 mission called 'Jeepflea_Market', in which the NSA is alleged to have captured information such as administrator passwords from EastNets' databases. Another document details failed attempts to hack into Business Computer Group (BCG), a Latin America business partner of EastNets.

The spy agency also tried to hack into the systems of individual banks, including the Palestinian bank Al Quds Bank for Development and Investment, an EastNets' SWIFT transfer services user. It targeted the bank because its servers were running Windows 2008 R2, which features vulnerabilities that the NSA had tools to exploit.

According to security researcher Matt Suiche, the materials describe "the most elaborate attack ever seen to date".

"If Shadow Brokers claims are, indeed, verified it seems that the NSA sought to totally capture the backbone of the international financial system to have a 'God's eye' into a SWIFT Service Bureau — and potentially the entire SWIFT network," he said.

However, EastNets - which connects 260 banks to the SWIFT messaging network - said that the claims made by the Shadow Brokers were "totally false and unfounded".

It said it had run a security audit of its systems and servers, and found no evidence of compromise or any vulnerabilities.

Hazem Mulhim, CEO and founder EastNets, said: "While we cannot ascertain the information that has been published, we can confirm that no EastNets customer data has been compromised in any way. EastNets continues to guarantee the complete safety and security of its customers data with the highest levels of protection from its SWIFT-certified service bureau".

Meanwhile, SWIFT said there was "no evidence to suggest that there has ever been unauthorised access to our network or messaging services".

Part of the documents release included details on how the NSA hacked into Swift's back-end infrastructure using exploits in Windows, but Microsoft has looked to ease those fears by stating that most of the exploits have already been patched.

The software giant suggested that customers running Windows 7 and beyond, and the msot recent version of Exchange 2010 and beyond, were not at risk. But it urged customers running prior versions of these products to upgrade to a 'supported offering'.