Bangladesh Bank Used $10 Router And No Firewall, Reason Got Hacked $80 Million Said Police
The Central Bank Of Bangladesh was exposed to hackers because it did not have a firewall as well as it was used as second-hand. An investigator into one of the world's biggest cyber heists said that $10 exchanges to the network of that computers which are connected to the SWIFT global payment network.
Mohammad Shah Alam who is the head of the Forensic Training Institute of the Bangladesh police's criminal investigation department said that the weaknesses made it easier for hackers to break the security system of the Bangladesh Bank earlier this year as well as it was attempt to siphon off nearly $1 billion using the SWIFT credentials of bank.
Even Alam said in an interview that "It could be difficult to hack if there was a firewall."
And he also added that there was more requirement of complicated switches that can cost of a number of hundred dollars or more which also means it is tricky for investigators to determine what the hackers did as well as where they might have been based.
And experts in bank security said that the conclusion explained by Alam were disturbing.
Jeff Wichman who is a consultant with cyber firm Optiv said, "You are talking about an organization that has access to billions of dollars and they are not taking even the most basic security precautions."
Tom Kellermann who was a former member of the World Bank security team, said that the security faults explained by Alam were "egregious," and that he believed there were "a handful" of central banks which is used in developing countries that were equally insecure.
Kellermann who is now chief executive of investment firm Strategic Cyber Ventures LLC said that most of the banks fail to effectively prevent their networks because they pay attention to the security budgets that are used to physically defending of their facilities.
As all of us know that Cyber criminals hacked into the system of Bangladesh Bank as well as in early February they tried to make fake transactions up to the totaling of $951 million from its account at the Federal Reserve Bank of New York.
Even most of the payments were blocked at the time but $81 million was running scared to the accounts in the Philippines and abstracted that money to casinos there. As well as most of those funds stay missing.
Alam said in an interview that the police considered that both of the bank and SWIFT should take the blame for the misunderstanding.
He said, referring to SWIFT that "It was their responsibility to point it out but we haven't found any evidence that they advised before the heist.”
SWIFT has earlier said the attack was linked to an issue of an internal operational at Bangladesh Bank whereas the core messaging services of did not cooperate.
However, a spokesman for Bangladesh Bank said that SWIFT officially advised to the bank for promoting the exchanges only when their system engineers from Malaysia visited after the attack.
A spokesman said, "There might have been a deficiency in the system in the SWIFT room.” And Subhankar Saha also verifying that the exchange was old as well as there were required to be promoted.
And also, Saha said, "Two (SWIFT) engineers came and visited the bank after the heist and suggested to upgrade the system.”