The “It Almost Worked” Billion Dollar Bank Job

This is a fascinating story in The New York Times of how some clever hackers/thieves were almost able to infiltrate the global banking system and get away with stealing nearly a billion dollars through a Bangladeshi bank:

Until about a decade ago, Bangladesh’s central bank was stuck in the analog age: Staff members sent international payment instructions via a teleprinter, an electromechanical typewriter that sent and received messages over standard phone lines and other channels. But since a new bank governor took over in 2009, the institution had gone digital. Its international transfer orders are now dispatched via Swift, the Brussels-based electronic network used by 11,000 financial institutions in more than 200 countries and territories. Inside a 12-foot-by-8-foot glass-walled chamber, under the scrutiny of closed-circuit security cameras, staff members log into Swift and dispatch the payment orders with encrypted communications. With a few keystrokes, a complex process is set in motion that sends millions of dollars zipping across continents.

On the sophistication of the Bangladeshi job:

The hackers’ approach was masterly in its foresight and complexity, and the malware they used, or variations of it, later turned up in several of the other bank breaches. The intruders most likely entered the bank’s computer network through a single vulnerable terminal, using a contaminated website or email attachment, and planted malware that gave them total control, even a view of the screens they were manipulating. There, hiding in plain sight, they waited for months to gain an understanding of the bank’s business operations. They harvested employee passwords and worked their way to the most tightly guarded corner of the network: the Swift server. Despite Swift’s warnings, the bank had not segregated its Swift server from the rest of the computer network. 

The major reason the funds didn’t get completely transferred (“only” $81 million of the nearly one billion dollars went through) was that the word “Jupiter” was flagged as a suspicious entity in one of the transfers, a huge coincidence.

Yet when it came to the Bangladesh heist, transferring the cash was only the first part of the scheme. It was one thing to use malicious software to tunnel into the bank’s Swift network and send out dozens of phony transfer orders to banks around the world. It was quite another to turn that digital cash into real money and then make it disappear.

Definitely worth reading the entire story. The illustrations accompanying the piece are also great.
