Published on International Banker by June 20, 2017, by Raz Rafaeli
In February 2016, hackers heisted $81 million from the Bangladesh Bank, cleverly stealing the money via the transfer system of the Society for Worldwide Interbank Financial Telecommunication, commonly referred to as SWIFT. Via a series of subterfuges and with the right timing (scheduling the thefts for a weekend, when staff members of the Federal Reserve Bank the hackers requested the transfer from were away from their desks), the hackers were able to fly under the radar, avoiding notice until it was too late.
All along, the SWIFT system operated properly. To steal the money, the hackers didn’t compromise the system – they used it, by obtaining (possibly in a phishing scam) the credentials of employees of the Bangladesh Bank.
Once logged in, the hackers were able to do as they wanted – and had it not been for a typo in one of the transfer requests to send money to accounts in the Philippines, Sri Lanka and other parts of Asia, they might have gotten away with stealing nearly $1 billion dollars.
Speaking to Reuters, a top security official in the SWIFT organization said that the network had been hit with a “meaningful” number of attacks since the Bangladesh hack – about a fifth of them resulting in stolen funds. “The threat is very persistent, adaptive and sophisticated – and it is here to stay,” SWIFT told clients.
If those thefts were similar to the Bangladesh hack, then it’s not just the targeted banks that have a problem; anyone using the SWIFT network is at risk, because of the credential-based system the organization uses to transfer funds. One of the results of the Bangladesh hack was the adoption of multi factor authentication by the group.