Probe 'shifts gaze' on IT technicians
30 December 2016, bdnews24.com
The police investigation into the Bangladesh Bank cyber heist has shifted its gaze to some IT technicians of the central bank, Reuters reported.
Citing Deputy Inspector General Shah Alam, who heads the probe, it reported that investigators suspect some IT technicians of hooking up transaction systems to the public internet to give hackers access. The report quoted Alam as saying they were focusing on a 'password token' for the SWIFT transaction network that was left inserted in the SWIFT server for months.
"It is supposed to be removed and locked in a secure vault after business hours each day," reads the Reuters report. Alam told the news agency that failure to remove it allowed hackers to enter the system to infect it with malware and then issue fake transfer orders. It was not known who was responsible for leaving the token, which was supposed to protect the SWIFT system, inserted in the server, Alam added. At least half a dozen bank officials share responsibility for the safekeeping of the token, he said. Reuters said in its report that it could not independently confirm Alam's claim. "No one has been arrested and Alam did not provide any further evidence to back up his assertions," says the report. It quoted the senior police officer as saying that no arrest at the central bank had yet been made because the probe was incomplete and that he was waiting for "specific information."
Reuters said Bangladesh Bank spokesperson Subhankar Saha declined to comment on the investigation, as did the US Federal Bureau of Investigation and SWIFT. Hackers used stolen credentials to try to transfer nearly $1 billion from Bangladesh Bank's account at the Federal Reserve Bank of New York through the SWIFT transaction system. Many of the transfer orders were blocked or reversed, but $81 million was sent to accounts in a branch of Rizal Commercial Banking Corp (RCBC) in the Philippines.
The money eventually went into the sprawling casino industry in the Philippines, with most of it remaining untraced. DIG Alam's comments follow months of assertions by authorities that central bank officials were guilty of nothing more than negligence in the heist. Bangladesh police had previously blamed contractors hired by the SWIFT transactions network for making its system vulnerable, a charge denied by the Belgium-based cooperative. "There were a number of other things, which if the Bangladesh Bank people had not done, the hacking would not have been possible," Reuters quoted the senior police officer as saying.
Alam told Reuters he believed IT technicians connected the central bank's SWIFT network to the public Internet last year while linking the network to the bank's domestic payments system, the Real Time Gross Settlement System (RTGS). Linking it to the Internet made the highly secure network accessible from any outside computer. The work on linking SWIFT to the RTGS was supervised by SWIFT contractors but carried out by Bangladesh Bank technicians, Reuters said, quoting Alam and a bank official.