Chase Makes The Right Security Move After Swift Breaches

A report Tuesday (May 17) that J.P. Morgan Chase "has limited some employees' access to the Swift global interbank messaging service amid questions about security breaches at a pair of Asian banks that used the funds-transfer platform" raises some concerns, but it appears to be just enforcing a stricter "need to know" and "need to access" approach from Chase.

Although there have been other reports raising the possibility of an earlier Swift attack-with a major Bangladesh bank-being an insider job, it could just as easily be an attack where the bank employees were victimized. Employees might have had their credentials stolen via keystroke-capturing malware or being tricked into visiting a credential-stealing site designed to look like Swift's access area.