Thieves steal $80 million from bank without a firewall
Bangladesh Bank's $10 routers lead hackers to target it
One of the largest ever online heists has stolen $80 million from an Indian bank - all because it lacked a firewall.
Hackers attempted to steal around $950 million dollars from Bangladesh Bank, funnelling money through the SWIFT global payment network, which enabled them to quickly transfer stolen funds to fraudulent accounts in various foreign nations.
However, most of the transactions were put to a halt by the Federal Reserve Bank of New York, where the infiltrated account was held, reports Reuters.
Bangladesh Bank's lack of a firewall and their use of second hand network switches, which cost $10 a piece allowed hackers fairly easy access to the bank's funds once they knew the bank's SWIFT login credentials.
Although most of the funds that were stolen in the February heist have been recovered, about $80 million has been diverted to casinos in the Philippines and remains missing.
"You are talking about an organisation that has access to billions of dollars and they are not taking even the most basic security precautions," said Jeff Wichman, a consultant with cyber firm Optiv quoted by Reuters.
The bank remains under scrutiny for their lack of attention to their outdated hardware and security staffing now that they have literally paid for their mistakes.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
It is said that the heist was not noticed until it was too late, since it occurred over a Bangladeshi weekend. Experts have said that the bank should update its switches and employ staff to monitor transactions around the clock (including weekends) to prevent situations like this in the future.