Hackers known as the “Lazarus Group” are sneaking into banks worldwide, moving around more than $100 million—and so far, getting away with it.
A recent spate of high-profile, digital bank heists have revealed shocking weaknesses in the security of the global financial system, CNNMoney reported.
It’s posing a new reality: No longer do robbers need to storm banks wearing masks and armed with guns. They can empty a bank’s vaults electronically.
At least four major banks have been infiltrated by hackers since January 2015.
The first known case happened in January to Ecuador’s Banco del Austro. That time, hackers stole $12 million and moved it through a Wells Fargo bank account in the United States.
Then it happened in October to a bank in the Philippines. Bankers’ desktop computers were infected with computer code that gave hackers control of the system. It’s unclear if any cash was stolen.
Vietnam’s TPBank was hit in December. Hackers tried to transfer out $1 million, but they failed.
In February, hackers broke into Bangladesh’s central bank and stole $101 million (some reports say $81 million) from its account at the New York Federal Reserve.
This risk poses a danger to banks everywhere. These hacks have exposed a flaw in the integrity of the international banking system. That system is based on trust—the understanding that if a bank approves a transaction, it’s really that bank making the call.
But only the largest banks—typically those in the United States and Europe—are well protected. As the CEO of Mastercard recently put it: Smaller banks are the weak link in the chain.
Hackers have discovered that they can break into smaller, less guarded banks—and move money internationally with relative ease. This is forcing banks to doubt the validity of wire transfer requests.
Using Hacked Credentials
The hackers who attacked these banks are using pieces of the same malicious computer code as the hackers who attacked South Korean media companies in 2013, as well as Sony in 2014.
SWIFT was not hacked. A key role here is played by SWIFT, the worldwide interbank communication network that settles transactions. It’s how banks send money to each other.
SWIFT makes sure Bank ‘A’ really is sending money to Bank ‘B’. In these cases, hackers entered Bank A. Using hacked credentials, thieves could move money along SWIFT to another bank account.
SWIFT says it has taken steps to keep money safe. As a response to these hacks, SWIFT is forcing banks to increase their security. Moving money will require additional steps that prove a real banker is approving a transaction. Banks will also share more information with one another about their computer systems. This would form a unified defense against hackers. SWIFT is also analyzing its own infrastructure to spot how it’s being used illegally.
But the CEO of SWIFT has also said: “The financial industry, as a community, has to be clear that cyber risk is big; there will be more cyber attacks. And inevitably some will be successful,” he said.
