Security & Fraud

Are SWIFT Technicians To Blame For Bangladesh Bank Heist?

Bangladeshi police and banking officials say that the connection of SWIFT messaging to a new bank transaction system could have led to the $81 million cyberheist at the central bank of Bangladesh. That change was made three months before the hack occurred.

The specific issue seems to have been with how SWIFT was connected with Bangladesh’s first real-time gross settlement (RTGS) system.

“We found a lot of loopholes,” noted Mohammad Shah Alam, head of the criminal investigation department of the Bangladesh police who is leading the probe into one of the biggest cyberheists in the world. “The changes caused much more risk for Bangladesh Bank.”

Officials noted that technicians linked the RTGS to SWIFT computers on the same network as about 5,000 central bank computers that are accessible from the open Internet. The preferred safety method would have involved setting up a LAN not accessible via the open Web.

Banking officials are further alleging that SWIFT diverted from its own standard operating procedures that guarantee the security and inaccessibility of the system. This left the system open to remote access with only a single password and had no firewall protection and only a rudimentary switch.

“It was the responsibility of SWIFT to check for weaknesses once they had set up the system. But it does not appear to have been done,” said a bank official.

SWIFT’s chief spokeswoman, Natasha de Teran, offered no comment on the allegations or on any aspect of the Bangladesh project.

As of yet, there has been no independent verification of the claims made against SWIFT.

Bangladesh Bank officials have maintained that responsibility for the massive hack is somewhat shared by SWIFT and the New York Fed (where the funds were stolen from).

Former central bank Governor Mohammed Farashuddin, who is heading an internal probe by Bangladesh Bank into the heist, said SWIFT needed to review its technology in the wake of the heist.

“It seems to be a case of extreme carelessness,” he told Reuters. He declined to provide more details, saying a final report was due in the next few weeks.

——————————–

Latest Insights: 

The Which Apps Do They Want Study analyzes survey data collected from 1,045 American consumers to learn how they use merchant apps to enhance in-store shopping experiences, and their interest in downloading more in the future. Our research covered consumers’ usage of in-app features like loyalty and rewards offerings and in-store navigation, helping to assess how merchants can design apps to distinguish themselves from competitors.

Click to comment

TRENDING RIGHT NOW

To Top