Was SWIFT to blame for the Bangladesh Central bank security breach?

Hi folks,

There were allegations that SWIFT  technicians made the nation’s central bank more vulnerable to hacking before an $81 million cyber heist in February. SWIFT rejected these allegations. the Brussels-based bank-owned cooperative said in a statement posted on its website:

“SWIFT was not responsible for any of the issues cited by the officials, or party to the related decisions,”

“As a SWIFT user like any other, Bangladesh Bank is responsible for the security of its own systems interfacing with the SWIFT network and their related environment – starting with basic password protection practices – in much the same way as they are responsible for their other internal security considerations,”

The comments were in response to a Reuters story that cited Bangladeshi police and a central bank official as saying that SWIFT technicians introduced security holes into the bank’s network while connecting SWIFT to Bangladesh’s first real-time gross settlement (RTGS) system.

Mohammad Shah Alam, the head of the criminal investigation department of the Bangladesh police, said the probe had identified specific deviations from set procedures that compromised Bangladesh Bank’s security.

The allegations by Bangladeshi officials about the SWIFT technicians have not been independently verified by the Reuters.

According to the Wall Street Journal, U.S. investigators suspect that Bangladesh Bank employees must have been helping the hackers breach the systems.

The Bangladesh police investigations have been looking for insider involvement but has found no evidence of such as yet.

The police said that ” If the FBI has uncovered evidence, they should share with us,”

The revelations came ahead of a meeting last week in Basel, Switzerland. Here the Bangladesh Bank officials have said that their governor and an appointed lawyer would discuss recovery of about $81 million stolen by hackers with the head of the Federal Reserve Bank of New York and a senior executive from SWIFT.

The fraud has been committed through the SWIFT system and the Bangladesh Bank officials have said they believed SWIFT, and the New York Fed, bear some responsibility for the February cyber heist.

SWIFT’s statement said it “looks forward to the meeting with Bangladesh Bank and New York Federal Reserve Bank officials in Basel on 10th May, when the bank’s security issues and these baseless allegations will be discussed.”

Source: Akati

Comments are closed.