Thieves steal $80 million from bank without a firewall

Bangladesh Bank's $10 routers lead hackers to target it

One of the largest ever online heists has stolen $80 million from an Indian bank - all because it lacked a firewall.

Hackers attempted to steal around $950 million dollars from Bangladesh Bank, funnelling money through the SWIFT global payment network, which enabled them to quickly transfer stolen funds to fraudulent accounts in various foreign nations.

However, most of the transactions were put to a halt by the Federal Reserve Bank of New York, where the infiltrated account was held, reports Reuters.

Bangladesh Bank's lack of a firewall and their use of second hand network switches, which cost $10 a piece allowed hackers fairly easy access to the bank's funds once they knew the bank's SWIFT login credentials.

Advertisement - Article continues below

Although most of the funds that were stolen in the February heist have been recovered, about $80 million has been diverted to casinos in the Philippines and remains missing.

"You are talking about an organisation that has access to billions of dollars and they are not taking even the most basic security precautions," said Jeff Wichman, a consultant with cyber firm Optiv quoted by Reuters.

The bank remains under scrutiny for their lack of attention to their outdated hardware and security staffing now that they have literally paid for their mistakes.

It is said that the heist was not noticed until it was too late, since it occurred over a Bangladeshi weekend. Experts have said that the bank should update its switches and employ staff to monitor transactions around the clock (including weekends) to prevent situations like this in the future.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019