Bangladesh Bank hacked due to inadequate defense systems

Pierluigi Paganini April 24, 2016

Investigators discovered that the hackers managed to gain access to the Bangladesh Bank network because it was using second-hand switches and no firewall.

In March, unknown hackers stole more than $100 million from the Bangladesh Bank account at the US Federal Reserve Bank. Now new, disconcerting news about the Bangladesh Bank is in the headlines.

According to investigators from Bangladesh's Forensic Training Institute who worked on the case of the $80 million bank heist, the Bangladesh Bank was vulnerable to cyber attacks.

The financial institution did not adopt a firewall to protect its network and used second-hand, $10 switches to connect its systems to the SWIFT global payment network.

According to Mohammad Shah Alam, head of the Forensic Training Institute of the Bangladesh police’s criminal investigation department, nothing stood in the way of the hackers, who exploited the lack of security to breach the Bangladesh Bank system and attempt to steal more than $1 billion using the bank’s SWIFT credentials.

“It could be difficult to hack if there was a firewall,” Mohammad Shah Alam told Reuters.

The use of cheap network equipment seriously hampered the investigation: the experts were not able to collect evidence of the hackers’ activity. Even so, the information gathered depicts a disturbing scenario.

According to Alam, the Bangladesh Bank used about 5,000 computers in different departments, and the SWIFT room is physically impenetrable, as Reuters also reported.

“The SWIFT room is roughly 12 feet by 8 feet, a window-less office located on the eighth floor of the bank’s annex building in Dhaka. There are four servers and four monitors in the room,” reports Reuters. “The SWIFT facility should have been walled off from the rest of the network. That could have been done if the bank had used the more expensive, ‘managed’ switches, which allow engineers to create separate networks, said Alam, whose institute includes a cyber-crime division.”

The experts confirmed that hackers breached the systems at the Bangladesh Bank in early February and tried to transfer a total of $951 million from its account at the Federal Reserve Bank of New York.

Most of the fraudulent transfers were blocked, except for $81 million that was routed to accounts in the Philippines and then diverted to casinos.

Who to blame?
SWIFT has always denied any problem with its core messaging services and blamed internal operational issues at Bangladesh Bank. Law enforcement blamed both the bank and SWIFT.

“It was their responsibility to point it out but we haven’t found any evidence that they advised before the heist,” Mohammad Shah Alam added, clearly referring to SWIFT.

On the other hand, a spokesman for Bangladesh Bank confirmed that SWIFT officials advised the bank to upgrade its network equipment during an internal audit conducted following the cyber heist.

“There might have been a deficiency in the system in the SWIFT room,” said the spokesman, Subhankar Saha.

“Two (SWIFT) engineers came and visited the bank after the heist and suggested to upgrade the system,” Saha said.

The authorities have already identified 20 foreigners who were involved in the cyber attack, but it seems they were mules used to launder the money.

Stay Tuned.

Pierluigi Paganini

(Security Affairs – US Federal Reserve, Bangladesh bank)
