Banks on alert for Russian reprisal cyberattacks on Swift

Seven of the country's banks were kicked off of the global payments messaging system over the weekend, fearing that Swift faces a growing threat of Russian cyberattacks.

Russia's second-biggest bank, VTB, and the bank that finances Russia's war machine were removed from Swift on Saturday as part of the West's sanctions campaign against Moscow.

The threat to Swift, which allows banks to send trillions of dollars in payments across borders every day, could escalate if more of Russia's banks are kicked out of the system, according to senior executives at several banks.

Sberbank, Russia's biggest bank, and Gazprombank have been kept on Swift as they facilitate much of the West's payments for Russian oil and gas.

Swift is a pinch point in the global financial network and the executives are concerned that it could be a more attractive target than individual banks.

The financial regulator that supervises some of the banks said there are lots of concerns about Swift.

Russia has only targeted Ukrainian government departments and infrastructure in its cyberattacks so far.

Executives with oversight of cyber defense within their banks have put their teams on alert for potential reprisal attacks.

Swift is used by more than 11,000 financial institutions to facilitate trillions of dollars worth of transactions every day.

The nucleus of the global banking system is the most effective place to hit during warfare, according to one senior bank executive.

The threat level from Russian attacks has risen considerably in recent weeks, according to an executive overseeing cybersecurity at another lender.

Swift is more likely to be hit in response to Russian banks being kicked off it.

Swift, an organization that is owned by its members and overseen by the G10 central banks, has previously reported attacks on its network by cyber criminals.

The Bangladesh central bank was robbed of $81 million by hackers in 2016 in one of the biggest bank heists in history. The hackers impersonated other banks and sent payment requests.

The FBI blamed North Korea for the hacking of Sony Pictures Entertainment.

Swift started a new regime of mandatory controls for member banks.

It launched a program to help its members improve their cyber defenses and share information about attacks with each other to protect the network.

Swift said that all of its services were running as normal.

Swift takes security very seriously, and we have a strong control environment in place for physical and cybersecurity.

The Financial Times is a division of The Financial Times. All rights are not to be redistributed, copied or modified.