Bangladesh Bank Cyber Attack


“One of the biggest Cyber Heists”

The Bangladesh Bank robbery, commonly known as the Bangladesh Bank cyber heist, took place in February 2016.

This particular heist is considered to be one of the biggest cyber attacks targeted against any government body in the world.

What Actually Happened?

On the 4th of February 2016, hackers stole millions of dollars from the central bank of Bangladesh through the Federal Reserve Bank of New York. The hackers sent thirty-five forged requests with the aim of stealing $1 billion from the Bangladesh Bank's account at the Federal Reserve Bank of New York.

Out of the 35 forged requests, five were successful and led to the loss of US$101 million. Part of the stolen money, $20 million, was traced to Sri Lanka, and the remaining $81 million was sent to different accounts in the Philippines.

It was found that the attackers made use of the SWIFT network to carry out the attack. The hackers obtained valid credentials used by employees and used them in an attempt to steal US$1 billion from the bank, but managed to steal only US$81 million.

How It Actually Happened?

In this cyber attack, hackers used SWIFT credentials and compromised the Bangladesh Bank through the Federal Reserve Bank of New York in an attempt to steal a whopping $1 billion. In this attempt they managed to steal $101 million, of which $20 million was transferred to Shalika Foundation, a private company in Sri Lanka, and $81 million to five different accounts at Rizal Commercial Banking Corporation in the Philippines. The authorities managed to retrieve the $20 million from Sri Lanka and also managed to retrieve $18 million of the $81 million that was stolen.

It has also been reported that a few people inside the bank were helping the cyber criminals to execute the cyber attack.

The Bangladesh Bank managed to stop the attack and saved $850 million. The hackers misspelled the word “Foundation” as “Fundation” in their request to transfer money to the accounts. This raised suspicion, helped the bank stop the attack and saved a lot of money.

If not for that one misspelled word in the instructions, the hackers would have stolen a billion dollars from the bank. 

It is believed that the cyber criminals installed Dridex malware in the bank's network so that it would be hard for the bank to identify the attack immediately. Dridex malware exploits macros in MS Word and Excel.

What is SWIFT Network?

SWIFT stands for the Society for Worldwide Interbank Financial Telecommunication. SWIFT was founded in 1973 and is based in Belgium. It provides a network that enables financial bodies around the world to communicate about financial transactions securely. SWIFT has around 11,000 users and carries around 25 million communications a day.

Who was at Fault?

The whole incident leaves one question at the end: whose fault was it, and who is responsible for the robbery?

The Bangladesh Bank blames the Federal Reserve Bank of New York for transferring the money without cross-checking with them. The New York bank has said that it had contacted the bank but did not get a reply to its messages, and so it approved the transactions. The central bank of Bangladesh says that the New York bank should have stopped all the transactions until it got a reply.
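The two checks this incident turned on, the misspelled beneficiary name and whether to pay while a query goes unanswered, can be sketched as follows. This is an added example, not code from the original post or from either bank; the word list, the edit-distance threshold and every instruction in the batch except the "Fundation" spelling are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed reference list of words common in legal-entity names.
ENTITY_WORDS = ("association", "bank", "company", "corporation",
                "foundation", "international", "limited", "trust")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def near_misses(name: str, max_dist: int = 2) -> list:
    """Tokens that almost, but not exactly, spell a reference word."""
    hits = []
    for token in name.lower().split():
        if token in ENTITY_WORDS or len(token) < 5:
            continue  # exact matches and short tokens are not evidence
        hits += [(token, w) for w in ENTITY_WORDS if edit_distance(token, w) <= max_dist]
    return hits

@dataclass
class Instruction:
    ref: str
    beneficiary: str
    amount_usd: int
    confirmed: Optional[bool] = None  # call-back result; None = no reply yet

def decide(ins: Instruction) -> str:
    """Pay clean instructions; a flagged one needs an explicit confirmation."""
    if not near_misses(ins.beneficiary):
        return "PAY"
    if ins.confirmed is None:
        return "HOLD"  # silence is not consent: fail closed
    return "PAY" if ins.confirmed else "REJECT"

# Constructed batch; only the "Fundation" spelling comes from the incident.
BATCH = [
    Instruction("REF-001", "Shalika Fundation", 20_000_000),
    Instruction("REF-002", "Northern Water Foundation", 150_000),
    Instruction("REF-003", "Delta Corperation", 90_000, confirmed=True),
    Instruction("REF-004", "Harbor Compnay Limited", 60_000, confirmed=False),
]

if __name__ == "__main__":
    for ins in BATCH:
        print(ins.ref, decide(ins), near_misses(ins.beneficiary))
```

A flagged instruction with no call-back reply stays on hold rather than being paid, which is the behaviour the Bangladesh Bank argues for above.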

Another important point is that the hackers did not bring down SWIFT entirely, but managed to execute the attack and steal millions of dollars by collecting valid credentials. This proves that SWIFT was vulnerable, and a few reports say that a few insiders provided the hackers with the credentials.

This incident created awareness among government and private banking institutions regarding the impact of a cyber attack, and was also the reason the Governor of the bank resigned from his post.

Policies and procedures implemented in SWIFT after the attack:

SWIFT advised all banking firms to strengthen their cyber security posture and follow the SWIFT security guidelines, such as being aware of their environment, detecting and responding, and limiting access, so that such attacks can be avoided in the future. SWIFT has also developed a facility that lets its users spot inconsistencies in their local database, and has recommended that its users implement appropriate security measures on their workstations to prevent such malware from being injected in the future.

Banks are among the top targets of cyber criminals, and the number of attacks that target banks is increasing. It is important for financial institutions to keep an eye out for such attacks and implement the necessary measures, such as multi-factor authentication, strong passwords and malware detection, to avoid cyber attacks in the future.
