Second bank cyber-attack detected after Bangladesh raid

London, May 13 (IANS) The Society for Worldwide Interbank Financial Telecommunication (SWIFT) has detected a cyber-attack that hit a bank, similar to one in which $81 million was stolen from Bangladesh’s central bank.

SWIFT said the target was a commercial bank but did not name the organisation or reveal if any cash had been taken, BBC reported on Friday.

The attackers had a “deep and sophisticated knowledge of specific operational controls” at the targeted bank, and could have been aided in their theft by “malicious insiders”, said the Belgium-based financial messaging network that underpins global money transfers.

The attack used techniques and tools resembling those used to steal cash from Bangladesh in February, it said.

In both attacks, the thieves sought to submit fraudulent messages to the SWIFT network to transfer large amounts of cash to accounts they controlled.

Analysis of February’s attack suggested the gang aimed to steal about $1 billion by moving cash from an account held by Bangladesh’s central bank at New York’s Federal Reserve to other accounts.

A spelling mistake in one of the transfer orders alerted staff and stopped much of the money going astray.

An investigation into the attack revealed that the cyberthieves won access to the central bank network because of poor security controls.

The bank had no firewall, which is designed to block unauthorised access requests. It also used second-hand internet routers, which had cost $10, to connect to global financial networks.



Related Posts

Leave a Reply