# Preventive Actions in the Aftermath of A Major Bank Breach

By [Lawrence Chin](https://www.paloaltonetworks.com/blog/author/lawrence-chin/?ts=markdown "Posts by Lawrence Chin") Jul 14, 2016

### Background

In February, stolen credentials of a Bangladesh bank were used to submit fraudulent fund transfer requests via the [Society for Worldwide Interbank Financial Telecommunication](https://www.swift.com/about-us/legal/ipr-policies/standards-ipr-policy) (SWIFT) network. A small number of these requests was processed, and according to published reports, US$81 million was transferred to a bank in the Philippines and then disbursed across several accounts belonging to casinos, where the trail of the cyber attackers has gone cold. Malware was introduced to impair the Bangladesh bank's ability to see evidence of the fraudulent transactions.

SWIFT has maintained that the security and integrity of their messaging services are not in question, but rather that local security at customer environments was compromised in this and other similar incidents in Vietnam, Ecuador, Ukraine, and Russia as well.

### Achieve Greater Security and Prevent Similar Attacks

How the valid credentials for fund transfers were obtained is still unknown, but possibilities include phishing and discovery on another system after the initial compromise at this Bangladesh bank. Cybercriminals tend to move laterally within a victim's environment in search of valuable information and other vulnerable systems. Such latitude in the Bangladesh bank's network appeared to provide ready access to the systems for fund transfer initiation and to the related reporting systems.

Network segmentation can separate the credentials and the critical systems for fund transfers and transaction logging from the rest of a bank network. A compromise elsewhere would not expose the resources involved in fund transfers, since unexpected traffic into that segment would be prohibited.

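
The segmentation rule described above, as an added example that is not part of the original post and is not Palo Alto Networks code: it audits flow records against an allowlist for the fund-transfer segment and separates boundary holes from blocked attempts. The addressing plan, ports, and log format are constructed assumptions.

```python
import ipaddress

# Assumed addressing plan (constructed): fund-transfer and transaction-logging
# hosts live in their own segment.
PAYMENT_SEGMENT = ipaddress.ip_network("10.50.0.0/24")

# Only these (source network, destination port) pairs may enter the segment.
ALLOWED_INBOUND = [
    (ipaddress.ip_network("10.20.5.0/28"), 443),    # operator jump hosts
    (ipaddress.ip_network("10.20.9.10/32"), 6514),  # log collector, syslog/TLS
]

# Constructed flow records: timestamp, source, destination, port, firewall action.
SAMPLE_FLOWS = """\
2024-01-15T09:12:01Z 10.20.5.3 10.50.0.10 443 allow
2024-01-15T09:12:40Z 10.20.9.10 10.50.0.20 6514 allow
2024-01-15T09:30:17Z 10.30.7.44 10.50.0.10 445 deny
2024-01-15T09:31:02Z 10.30.7.44 10.50.0.10 3389 allow
2024-01-15T09:33:55Z 10.30.7.44 10.40.1.8 445 allow
2024-01-15T09:35:00Z 10.50.0.10 10.50.0.20 514 allow
truncated-record 10.30.7.44
"""


def parse_flows(text):
    """Yield flow dicts; records that do not parse are skipped, not guessed at."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, src, dst, port, action = parts
        try:
            yield {"ts": ts, "src": ipaddress.ip_address(src),
                   "dst": ipaddress.ip_address(dst), "port": int(port),
                   "action": action}
        except ValueError:
            continue


def is_expected(flow):
    """True when the flow matches an allowlist entry for the segment."""
    return any(flow["src"] in net and flow["port"] == port
               for net, port in ALLOWED_INBOUND)


def audit(text):
    """Return findings for traffic crossing into the payment segment."""
    findings = []
    for flow in parse_flows(text):
        crosses = (flow["dst"] in PAYMENT_SEGMENT
                   and flow["src"] not in PAYMENT_SEGMENT)
        if not crosses or is_expected(flow):
            continue
        # Allowed-but-unexpected means the segment boundary has a hole;
        # denied-but-unexpected means the boundary held and something probed it.
        kind = "policy-gap" if flow["action"] == "allow" else "blocked-attempt"
        findings.append((kind, str(flow["src"]), flow["port"], flow["ts"]))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(*finding)
```

A `policy-gap` finding calls for a rule fix at the segment boundary, while repeated `blocked-attempt` findings from one source are a lead for investigating that host.
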
Furthermore, malware analysis and prevention at the network perimeter and internally at endpoints can stop the initial attempts to compromise systems and block malicious code from running. In combination, these practices and capabilities could be significant in future attempted breaches, constraining the lateral movement of the attackers and stopping the installation and/or execution of malware.

Palo Alto Networks Next-Generation Security Platform enables important cybersecurity best practices and threat prevention capabilities within financial institution networks. Here's how:

* Network segmentation with our security platform restricts the lateral movement attackers use to hunt for valuable resources within the targeted institution.
* The platform's visibility into applications, users and content provides a baseline of normal traffic patterns against which anomalies are more easily identified and specific policies, including whitelisting, can be established.
* SSL decryption by the platform enables the inspection of suspicious, encrypted communications that may otherwise conceal attacker activities.
* The WildFire environment analyzes unknown malware encountered by the platform and reprograms the platform in as little as five minutes to block the new malware going forward.
* Traps advanced endpoint protection stops exploits and unknown malware at servers, workstations and laptops by thwarting exploit techniques at execution and closely coordinating with WildFire on any new malware samples.

Because of their sophistication, many threats against financial services and other critical industries use numerous steps in their attack lifecycle. The Palo Alto Networks security platform provides multiple opportunities to thwart every stage of an attack and prevent successful completion. To learn more, download our [Breaking the Cyber Attack Lifecycle](https://www.paloaltonetworks.com/resources/whitepapers/breaking-the-cyber-attack-lifecycle) white paper.

### Further Recommendations

In addition to the best practices above, SWIFT has offered other steps to enhance cybersecurity as part of their new [customer security program](https://www.swift.com/customer-security-programme), which is intended to reinforce and evolve the security of global banking in the face of increasing cyberthreats. These include improved information sharing within the global financial community, hardening of SWIFT-related tools for customers, audit frameworks, increased monitoring capabilities of customer environments, best practices for fraud detection, and the investigation of tools to detect anomalies on the network.

The U.S. Federal Financial Institutions Examination Council's (FFIEC) June statement on the [Cybersecurity of Interbank Messaging and Wholesale Payment Networks](https://www.ffiec.gov/press/PDF/Cybersecurity_of_IMWPN.pdf) did not contain any new regulatory expectations. It reinforced some risk mitigation techniques relevant for cyberattacks, vulnerability exploits and unauthorized entry, including:

* Use multiple layers of security controls.
* Conduct ongoing information security risk assessments.
* Adjust controls in response to newly identified risks and threats.
* Establish a baseline environment to detect anomalous behavior.
* Share information with other financial institutions.

The Palo Alto Networks Next-Generation Security Platform is part of a layered defense strategy used by the financial services industry today, and provides excellent visibility into normal traffic patterns. Additionally, Palo Alto Networks is committed to information sharing for the benefit of the global community. As a member of the Financial Services Information Sharing and Analysis Center (FS-ISAC), and a founding member of the Cyber Threat Alliance (CTA) to ensure the cyber security industry works together, we believe in the power of information sharing.

For more information on how Palo Alto Networks can help financial institutions prevent successful cyber breaches, please visit our [website](https://www.paloaltonetworks.com/solutions/industries/enterprise/fin-serv) and download the [Reference Blueprint for Banking](https://www.paloaltonetworks.com/resources/whitepapers/bankingIT-reference-blueprint) or the [Security Platform for Financial Services](https://www.paloaltonetworks.com/resources/whitepapers/enterprise-security-platform-financial-services) white paper.