Bangladesh Bank Heist Similar to Sony Hack
Investigators probing the cyber heist of $81m from the Bangladesh central bank connected it on Friday to the hack at Sony Corp’s film studio in 2014, while global financial network SWIFT disclosed a previously unreported attack on a commercial bank.
SWIFT did not say which commercial bank it was or whether it had lost money, but cyber-security firm BAE Systems said a Vietnamese bank, which it did not name, had been a target. It was not clear if they were referring to the same attack and there was no immediate comment from authorities in Hanoi, Reuters reported. SWIFT, the linchpin of the global financial system, said forensic experts believed the second case showed that the Bangladesh heist was not a single occurrence, but part of a wider campaign targeting banks.
In both cases, SWIFT said, insiders or cyber attackers had succeeded in penetrating the targeted banks’ systems, obtaining user credentials and submitting fraudulent SWIFT messages that correspond with transfers of money. The cooperative has maintained that its core messaging service has not been compromised. But confirmation of a second attack on a bank will likely increase scrutiny on the security of a network used by 11,000 financial institutions globally.
In Bangladesh, cyber-security experts hired by the central bank said in a report that hackers were still inside the bank’s network, monitoring the investigation into one of the biggest cyber heists in the world. Reuters reviewed parts of the report, but the source who shared the document declined to provide access to its full contents, saying the release of some details could hamper a multinational effort to catch the criminals.
Asked about the report, a Bangladesh Bank spokesman said: “We have engaged forensic experts to investigate the whole thing, including this.” He did not elaborate.
Investigators have determined that one team of hackers, dubbed Group Zero in the report, was responsible for the heist and remained inside the network. Group Zero may be seeking to monitor the ongoing cyber investigations or cause other damage, but is unlikely to be able to order fraudulent fund transfers, the investigators wrote.