Thieves steal $80 million from bank without a firewall

Bangladesh Bank's $10 routers lead hackers to target it

One of the largest ever online heists has stolen $80 million from an Indian bank - all because it lacked a firewall.

Hackers attempted to steal around $950 million dollars from Bangladesh Bank, funnelling money through the SWIFT global payment network, which enabled them to quickly transfer stolen funds to fraudulent accounts in various foreign nations.

However, most of the transactions were put to a halt by the Federal Reserve Bank of New York, where the infiltrated account was held, reports Reuters.

Bangladesh Bank's lack of a firewall and their use of second hand network switches, which cost $10 a piece allowed hackers fairly easy access to the bank's funds once they knew the bank's SWIFT login credentials.

Although most of the funds that were stolen in the February heist have been recovered, about $80 million has been diverted to casinos in the Philippines and remains missing.

"You are talking about an organisation that has access to billions of dollars and they are not taking even the most basic security precautions," said Jeff Wichman, a consultant with cyber firm Optiv quoted by Reuters.

The bank remains under scrutiny for their lack of attention to their outdated hardware and security staffing now that they have literally paid for their mistakes.

It is said that the heist was not noticed until it was too late, since it occurred over a Bangladeshi weekend. Experts have said that the bank should update its switches and employ staff to monitor transactions around the clock (including weekends) to prevent situations like this in the future.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
Access brokers are making it easier for ransomware operators to attack businesses
cyber security

Access brokers are making it easier for ransomware operators to attack businesses

1 Dec 2021