Bank robberies have long since put the fear of god into bank tellers, but bank robbers are now turning increasingly towards more sophisticated digital attacks.
Whereas a good old fashioned bank heist would involve shotguns and masks, the contemporary bank robber relies on nothing more than a keyboard and a mischievous sense of ingenuity. And, whilst you would think banks were pretty keen on cyber security, two major banks in Vietnam and Bangladesh have recently fallen victim to cyber hackers.
It’s always important to understand the methods and motivations of hackers, particularly when finances are targeted, so let’s take a look at what’s been happening.
A Digital Crime
The banks that have been attacked recently are Vietnam’s Tien Phong bank and the Bangladesh Bank. Luckily for Tien Phong the attack was intercepted, but the Bangladesh Bank was less lucky and lost close to $81 million.
But how did these attacks happen in the first place? After all, our money is surely safe in a bank, isn’t it? Unfortunately, in this day and age, nothing which involves computerized systems appears to be safe. And, in both of these bank robberies, our old foe malware was responsible yet again.
Hacking the Banks
Financial institutions are constantly in communication with one another in order to complete transactions. Naturally, the numbers of transactions that take place in any one day are astronomical, so they rely on the SWIFT network to facilitate all these transfers.
It’s believed that the attackers were able to glean login details for SWIFT from bank officials, but how this occurred is not exactly clear. Unfortunately, due to human error and naivety, login details can easily fall into the wrong hands. Anyway, this entry to the system gave the hackers free reign to conduct a number of lucrative transactions which would swell their own bank accounts.
Malware was then executed within the SWIFT system to alter payment confirmations; the malware’s aim was to cover up the illegal transactions which had been carried out. And the malware, although slightly altered, was the same code used in both Bangladesh and Vietnam.
Tien Phong managed to intercept the hack on their finances as they noticed a number of shady transactions taking place; this allowed them to prevent the fraudulent movement of funds. Bangladesh Bank, however, did not manage to block all the transactions and lost around $81 million – although up to $1 billion worth of illegal transactions were attempted.
Is Your Money Safe
Thankfully, your money is pretty safe within a bank. Even if they do suffer any losses through cyber-crime, it will be the bank who takes the hit and not your personal account. However, it does raise some interesting questions about security.
The complexity of banking systems means that it’s likely an insider was used to help gain access to SWIFT and then understand how to complete the transactions. And SWIFT was compromised far too easily by the hackers, so this indicates a major lapse in the network’s preventative measures.
Hopefully, the banks and SWIFT will move to adopt more cautious approaches to security clearance and protecting their systems.
For more ways to secure and optimize your business technology, contact your local IT professionals.