Saving A Few Hundred Dollars Cost This Bank Millions. Incredible.

Open-vault

The Central Bank Of Bangladesh was the scene of a successful cybercrime a few months back. The perpetrators had made off with $81 million, a massive sum no doubt but nothing compared to the billions of dollars they were after.

Security experts that have been investigating the crime found that the bank did not have basic security protocols in place and was basically a sitting duck. They have now pinpointed the cheap $10 switches used to connect computers with the global SWIFT network as the hardware which was used to gain access to the system.

Of course, even with the cheap hardware, the operation would have been a little more difficult if a firewall had been in place. For an institution that is handling Billions of dollars, these are shocking lapses in security.

That the hackers were not able to transfer more money was only down to luck, as they misspelled a name during the transfer ultimately drawing attention to the transaction.

Bangladesh is a developing country and more sophisticated switches costing several hundred dollars each can be considered surplus to their needs. A lot of the time, these Banks have a relatively small budget for security and tend to focus more on physically defending their premises rather than from cyber attacks.

The Hackers gained access to the banks networks and then started to transfer money from its account at the New York Federal Reserve into bank accounts in the Philippines. None of the hackers involved have been identified or caught so far, neither has been any of the money recovered.

The security teams currently investigating the crime are interested in trying to figure out what method the hackers used exactly so that they can protect against such attacks better in the future. Unfortunately for them, the low-level hardware is quite easy to hack and thus, the possibilities may be too many to narrow down.

SWIFT, the global payments system, is also under scrutiny, however, their representatives have so far denied that any of their systems or services was compromised. They have put the blame for the incident squarely on the Bangladeshi Bank.

According to reports, security experts from SWIFT did visit the facilities of the bank and advised them to upgrade the switches. Ideally, the bank should have isolated their SWIFT computers from any other system in the bank and created separate networks for them to function on.

The scary thing is that there may be a number of other central banks in different parts of the world that are vulnerable to the same kind of heist right at this moment.

Leave a Reply

Your email address will not be published. Required fields are marked *