30 Mar 2016
Bank heists are the stuff of legends – but the most recent theft of more than $80 million from Bangladesh’s central bank shows that robbers don’t even need to leave their homes to make off with their loot. Investigators believe the attack, which funneled $81 billion from the bank’s international settlement account at the Federal Reserve Bank in New York to payees in the Philippines and Sri Lanka, was made possible by malware that infiltrated the bank in Bangladesh. Once attackers learned how to withdraw from the central bank’s systems – a process that took a few weeks before the actual theft – they initiated dozens of transactions at the Federal Reserve Bank using stolen SWIFT credentials.

While the specific type of malware has not yet been determined, the most likely culprit is a remote access Trojan. These types of programs enter a system through an email attachment or other user-controlled programs like games. Once installed, they allow the attacker to monitor systems, credentials, and other useful information before actually striking.

But it’s not just banks in Bangladesh that are prone to such hacks. In 2013, banks in Russia, Japan, Switzerland, the Netherlands, and the United States were infiltrated by software created by a criminal group that funneled millions of dollars out of the institutions. Luckily, there are steps that any banking institution can – and should – take to ensure it avoids such insidious attacks.
- Train employees on security measures. Since malware often enters systems through email attachments, employees should be taught what to look for. Be wary of emails from those you don’t know – or even those you do, as social engineering, or phishing, can extract just enough information about an organization or person to allow an attacker to craft an innocent-looking email carrying malicious code.
- Ensure security policies are up to date. Cybersecurity is often viewed as a technology issue, but it can make or break a company’s reputation – and, as such, should be treated as a top-level business issue. Stakeholders and employees at all levels should be invested in your institution’s reputation – and, by extension, your security.
- Enforce and protect. Third-party vendors can provide software that searches for malware and isolates the threat before it can cause damage. Since attacks like those described above need to start with information-gathering, a system that watches for malicious code and isolates the threat can protect an organization before any information – or money – is extracted.