Click to Skip Ad
Closing in...

Thrifty bank’s $10 routers lead to $81 million heist

Published Apr 22nd, 2016 10:50AM EDT

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

This past February, some clever hackers pulled off a daring bank heist that was aided by a Bangladeshi bank’s decision to buy cheap second-hand $10 routers. In fact, the cheap routers let hackers get away with $81 million by giving them access to the secure computers that handle SWIFT monetary transactions and helping them hide their tracks.

DON’T MISS: How do planes fly? This animation explains everything you need to know

Some 20 individuals who received payments from hackers have been identified so far but the masterminds of the attack have yet to be discovered. Even worse is the fact that most of the funds, which were routed to accounts in the Philippines and diverted to a local casino, are still missing.

According to Reuters, the head of the Forensic Training Institute of the Bangladesh police’s criminal investigation department revealed that security oversights from the bank helped hackers steal the money. Hackers took advantage of the $10 routers that had no firewalls to get into the bank’s system and were aided by the fact that the bank’s switches weren’t sophisticated enough to trace the hackers’ steps.

“You are talking about an organization that has access to billions of dollars and they are not taking even the most basic security precautions,” cyber firm Optiv consultant Jeff Wichman told Reuters.

Furthermore, the SWIFT servers inside the bank were on the same network with the rest of the banks’ 5,000 computers, rather than being on a walled, secondary one. Furthermore, the room that houses the SWIFT computers isn’t monitored by a bank employee at all times in spite of the sensitive nature of the activity that goes on in it. Instead, all transactions are automatically printed on a printer in the room.

Police believe that both the bank and SWIFT should take blame for the heist. The Belgian banking authority said that the heist only breached the Bangladesh Bank and not its secure messaging services. The bank stated that SWIFT officials only advised that a router upgrade is in order after the heist.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2007. When he’s not writing about the most recent tech news for BGR, he closely follows the events in Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming new movies and TV shows, or training to run his next marathon.