Although we typically think of malware and phishing attacks being aimed at consumers, some cybercriminals choose to target banks directly rather than their customers so they can siphon money from unsuspecting financial institutions. If successful, these sophisticated techniques can yield impressive results.
A few months ago, unidentified attackers transferred $81 million from the bank of Bangladesh. That’s a serious amount of money, but the hackers wanted to steal close to $1 billion, and only a stroke of luck helped the banks prevent the bigger loss.
It turns out that this wasn’t an isolated incident, and hackers can pull it off again and again by taking advantage of the supposedly secure method banks use to transfer money.
According to The New York Times, thieves have once again managed to attack SWIFT, which is the backbone of the global financial system. Although it’s supposed to be impenetrable, the messaging service appears to have been hit for the second time. This time around, it’s not clear which bank was involved or how much money was transferred out.
Investigators of the Bangladesh Bank attack found that cheap routers may have helped the hackers get into the bank’s network and access the SWIFT machines. They also discovered that the hackers went as far as interfering with the printers that kept a record of transfers in order to hide their tracks.
In the second attack, they used malware to attack a PDF system that was used to confirm SWIFT transactions. Just like the printers in the previous heist, the PDF program should have kept track of SWIFT transactions, but the hackers knew it was in place and designed malware to “remove traces of the fraudulent instructions.”
Not only did the hackers hide their tracks, but they also seem to have obtained a valid SWIFT credential that allowed them to “create, approve and submit” messages on the network. These messages are enough to move money from one of the bank’s accounts.
This proves that the Bangladesh Bank attack did not happen simply because dated hardware was in place, although poor router security may have helped. Hackers can still penetrate other banks and the SWIFT messaging system that’s used for most financial transactions out there. That means that, in theory, any bank might be attacked by the hackers, at least until the security holes used for these digital crimes are patched.