Thieves steal $80 million from bank without a firewall
Bangladesh Bank's $10 routers lead hackers to target it
One of the largest ever online heists has stolen $80 million from an Indian bank - all because it lacked a firewall.
Hackers attempted to steal around $950 million dollars from Bangladesh Bank, funnelling money through the SWIFT global payment network, which enabled them to quickly transfer stolen funds to fraudulent accounts in various foreign nations.
However, most of the transactions were put to a halt by the Federal Reserve Bank of New York, where the infiltrated account was held, reports Reuters.
Bangladesh Bank's lack of a firewall and their use of second hand network switches, which cost $10 a piece allowed hackers fairly easy access to the bank's funds once they knew the bank's SWIFT login credentials.
Although most of the funds that were stolen in the February heist have been recovered, about $80 million has been diverted to casinos in the Philippines and remains missing.
"You are talking about an organisation that has access to billions of dollars and they are not taking even the most basic security precautions," said Jeff Wichman, a consultant with cyber firm Optiv quoted by Reuters.
The bank remains under scrutiny for their lack of attention to their outdated hardware and security staffing now that they have literally paid for their mistakes.
It is said that the heist was not noticed until it was too late, since it occurred over a Bangladeshi weekend. Experts have said that the bank should update its switches and employ staff to monitor transactions around the clock (including weekends) to prevent situations like this in the future.
The essential guide to cloud-based backup and disaster recovery
Support business continuity by building a holistic emergency planDownload now
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
How do vulnerabilities get into software?
90% of security incidents result from exploits against defects in softwareDownload now
Delivering the future of work - now
The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.Download now