Hackers have managed to steal about $81 million from the central bank of Bangladesh due to the absence of firewalls.
A complete lack of firewalls made it easy for the hackers to steal the money from Bangladesh Bank, said a report published in Reuters
According to the report, the bank’s use of $10 network switches also contributed to the incident which is one of the largest amounts stolen from a bank at once in history.
On February 5, hackers stole $101 million from Bangladesh Bank’s accounts in the Federal Reserve Bank of New York and transferred $81m to Philippines’ Rizal Commercial Banking Corporation, from where the money was moved to local casinos.
The hackers got into the bank’s systems, grabbed credentials, and then made dozens of requests from the Federal Reserve Bank of New York to move money from Bangladesh to accounts in the Philippines and Sri Lanka. The transactions were stopped because they made a typo, spelling “foundation” as “fandation,” which caused a routing bank to question the Bangladesh Bank.
However, the hackers could have easily stolen nearly $1 billion from the Bangladesh central bank if they did not make the spelling error.
In an investigation, it was found that Bangladesh Bank used very cheap network switches and had no firewall in place that made it more easy for the hackers to grab login credentials.
Bangladesh Bank’s system is connected to the SWIFT global bank payment network that allows for high-value bank transfers.
According to Reuters, police have knowledge of the people who received the money from the central bank but they do not know the identities of the hackers.
The report also stated that the bank’s cheap hardware was one of that reasons to why they were still unable to trace exactly where the hackers were accessing the network from.
A bit more money spent on even a minor amount of security could have saved Bangladesh Bank over $80 million.