Skip to main content
  1. Home
  2. Computing
  3. News

$10 switches cost Bangladesh’s central bank $81 million

Lulu Chang
By

Network Switch
There may be a time and a place for frugality, but not when it comes to bank security. This was made shockingly clear in a case where $10 switches cost Bangladesh’s central bank a stunning $81 million in a hack that experts are attributing, to some degree, to stinginess. An investigation into one of the largest cyber heists in history has revealed that the bank was left exposed to attacks because it was completely devoid of a firewall, and worse yet, “used secondhand, $10 switches.”

Experts say that poor security and hardware both contributed to the massive money loss, and in particular, the $10 routers have made it more difficult for investigators like Mohammad Shah Alam, head of the Forensic Training Institute of the Bangladesh police’s criminal investigation department, to do their jobs. Alam notes that the switches “collected very little network data that could be used to pinpoint the hackers and shed light on their tactics.”

Back in February, hackers were able to gain access to the core network of the Bangladeshi bank, and took advantage of this opportunity to move cash from Bangladesh’s accounts at the Federal Reserve Bank of New York to their own accounts. Apparently, the only reason that the attackers weren’t able to make off with more (think billions rather than millions of dollars) was a spelling mistake — bank staff noticed the typos and prevented any further damage. Authorities say that the majority of the funds have yet to be found.

Related

Security experts seem horrified by the blatant lack of protection measures the central bank took to guard against such attacks. “You are talking about an organisation that has access to billions of dollars and they are not taking even the most basic security precautions,” Jeff Wichman, a consultant with cyber firm Optiv, told Reuters. Worse yet, there may be other banks in the world that are similarly unprepared.

Also taking some blame for the heist is global payment network SWIFT, to which the Bangladesh bank’s networks were connected. “It was their responsibility to point it out but we haven’t found any evidence that they advised before the heist,” Alam said of the payment network. SWIFT has only said that the attack was the result of “an internal operational issue at Bangladesh Bank,” and that its own core messaging services were not affected.

Regardless, the magnitude of this breach may finally convince other financial institutions to improve their own security practices, and not pinch pennies at the risk of losing millions.

Editors' Recommendations

Topics
New COVID-19 phishing emails may steal your business secrets
Woman Checking Her Email
This dangerous new hacker tool makes phishing worryingly easy
Computer user touching on Microsoft word icon to open the program.
Over 1M credit cards just leaked to criminals on the dark web
A depiction of a hacker breaking into a system via the use of code.
Hackers are using cookies to sidestep two-factor authentication
A large monitor displaying a security hacking breach warning.
Best Gaming PC Deals: Save on RTX 3070, 3080, 3090 PCs
The Alienware Aurora R10 Ryzen Edition Gaming Desktop, placed on a desk.
The 6 biggest problems with ChatGPT right now
ChatGPT and OpenAI logos.
Pro users are already unhappy with the upcoming Mac Pro
mac pro display xdr first look wwdc 2019 hands on 10
How to schedule an email in Outlook
Scheduling an email in Outlook in Firefox on a MacBook.
15 years later, the MacBook Air could soon have its best year ever
macbook air
How to watch Super Bowl 2023 on your computer
State Farm Stadium SuperBowl LVII logo.
Microsoft Word vs. Google Docs
A person using a laptop that displays various Microsoft Office apps.
Turns out DirectStorage isn’t killing frame rates in Forspoken after all
Frey is handcuffed and guarded in Forspoken.
Best laptop deals: Save on Apple, Dell, HP and Lenovo
Woman using the Asus ProArt Studiobook on a desk.