Switzerland's SWIFT data centre under guard after Russian banks excluded

Local police want to head off any worries about possible sabotage

A Swiss data centre operated by financial messaging service SWIFT is under guard by police following the exclusion of key Russian banks from the system.

As we reported yesterday, the EU has agreed to bar certain Russian banks from SWIFT, the most widely used global financial messaging system. The move, a response to the conflict in Ukraine, will likely make it more difficult for Russian banks to manage transactions.

The SWIFT messaging network is run from three data centres in Virginia, US; in Zoeterwoude in the Netherlands; and in Diessenhofen in the canton of Thurgau in Switzerland.

The data centre in Diessenhofen is now under increased protection because of fears regarding the risk of sabotage carried out in revenge for the action taken against Russian banks, local Swiss police confirmed.

In a statement to The Register, they said: "The cantonal police in Thurgau is tasked with ensuring security and order in the canton. For the SWIFT branch in Diessenhofen, the cantonal police, in consultation with the company and taking into account current developments, carried out a situation assessment and created a security plan. For obvious reasons, we are not disclosing any details."

According to reports, five of the seven floors of the SWIFT data centre in Diessenhofen are below ground, and the site is said to be surrounded by high walls and barbed wire, as well as protected by security cameras, which makes the facility seem to be fairly well protected.

SWIFT itself appears to be unconcerned with the current situation.

"All SWIFT services are operating as normal," the company informed us in a statement. "Like banks, market infrastructures and other financial institutions SWIFT continuously monitors the threat landscape. We take security very seriously and we have a strong control environment in place for physical and cyber security."

In an update to the SWIFT community, the organisation explained that it had been required to disconnect seven designated Russian entities (and their Russia-based subsidiaries) from the SWIFT network in compliance with legal instructions from the European Council. This had followed diplomatic decisions taken by the European Union, in consultation with the UK, Canada, and the US. SWIFT said it would fully comply with applicable sanction laws.

According to SWIFT, 2021 saw the strongest growth in payments and securities traffic in three years. Traffic volumes across its network grew by 11.2 per cent during the year, citing the rollout of a new strategy to enable instant cross-border payments from account to account, anywhere in the world.

According to its latest financial statements, for fy2020, SWIFT made €905m in revenues and €45m in profit before tax. The service is headquartered in Belgium and owned by its members and makes money via transfer traffic (paid by the end user), messaging services, subscription fees and "products and services" including a "new inbound tracking service that gives corporate treasurers unrivalled insights into their incoming payments." It did not provide a revenue breakdown, however.

SWIFT states that on 30 November 2021 it recorded 50.2 million messages across its network, the most ever in a single day. That figure is more than 66 per cent higher than the daily peak just five years ago. ®

Other stories you might like

  • Cisco warns of security holes in its security appliances
    Bugs potentially useful for rogue insiders, admin account hijackers

    Cisco has alerted customers to another four vulnerabilities in its products, including a high-severity flaw in its email and web security appliances. 

    The networking giant has issued a patch for that bug, tracked as CVE-2022-20664. The flaw is present in the web management interface of Cisco's Secure Email and Web Manager and Email Security Appliance in both the virtual and hardware appliances. Some earlier versions of both products, we note, have reached end of life, and so the manufacturer won't release fixes; it instead told customers to migrate to a newer version and dump the old.

    This bug received a 7.7 out of 10 CVSS severity score, and Cisco noted that its security team is not aware of any in-the-wild exploitation, so far. That said, given the speed of reverse engineering, that day is likely to come. 

    Continue reading
  • International operation takes down Russian RSOCKS botnet
    $200 a day buys you 90,000 victims

    A Russian operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe.

    The RSOCKS botnet functioned as an IP proxy service, but instead of offering legitimate IP addresses leased from internet service providers, it was providing criminals with access to the IP addresses of devices that had been compromised by malware, according to a statement from the US Attorney’s Office in the Southern District of California.

    It seems that RSOCKS initially targeted a variety of Internet of Things (IoT) devices, such as industrial control systems, routers, audio/video streaming devices and various internet connected appliances, before expanding into other endpoints such as Android devices and computer systems.

    Continue reading
  • IBM finally shutters Russian operations, lays off staff
    Axing workers under 40 must feel like a novel concept for Big Blue

    After freezing operations in Russia earlier this year, IBM has told employees it is ending all work in the country and has begun laying off staff. 

    A letter obtained by Reuters sent by IBM CEO Arvind Krishna to staff cites sanctions as one of the prime reasons for the decision to exit Russia. 

    "As the consequences of the war continue to mount and uncertainty about its long-term ramifications grows, we have now made the decision to carry out an orderly wind-down of IBM's business in Russia," Krishna said. 

    Continue reading

Biting the hand that feeds IT © 1998–2022