Central Bank Heist : Internal Control Weaknesses And Techniques

2113 Words9 Pages
Central Bank Heist: internal control weaknesses and techniques used to commit the fraud As part of the scandal considered being one of the largest bank heists in modern history, several internal control weaknesses were discovered, which left a country exposed to future potential threats and an increased need for awareness and information system upgrades. Such a devastating case prompted other Central Banks around the world to examine and upgrade their cyber security measures. In this heist of a million dollars, there were a total of 35 transfer requests made to the New York Federal Reserve Bank by hackers on behalf of the unbeknownst Central Bank of Bangladesh. Of these 35 requests, 4 were successful and were transferred to the Rizal Bank…show more content…
On the other hand, the US based bank and the Belgium based organization - SWIFT (Society for Worldwide Interbank Financial Telecommunication) claim that their core banking and messaging services were not affected by the issue and continued to work as ordinary and in accordance with standard authentication protocols. New emerging evidence shows that the attack originated from outside Bangladesh, enforcing the hypothesis that the hackers have stolen the credentials for the SWIFT messaging system of the Bangladesh Central Bank, which banks the around the world use for secure money related correspondence. Techniques used to commit the fraud To pull off the incident, cyber criminals needed to first gather data about Bangladesh Central Bank 's systems for requesting transfers, so that the fraudulent requests would not stand out. This is known as social engineering, where hackers play on human psychology to manipulate victims. They regularly monitor communications to understand when an individual would be most responsive to a specially crafted social-engineering email instructing them to make the transfer or even steal SWIFT credentials to perform the transfer themselves. The hackers probably needed to get cryptographic keys that verified the senders. Of course, social engineering can be used in a

More about Central Bank Heist : Internal Control Weaknesses And Techniques

Open Document