tv Hacked The Bangladesh Bank Heist Al Jazeera May 25, 2018 12:32pm-1:01pm +03
people have been asked whether or not to relax some of the strictest abortion laws anywhere in europe the referendum pitches social and catholic conservatives against supporters of a more liberal island these forty nine people have drowned when their boat capsized in a river in democratic republic of congo it happened on wednesday in the northern province of child about fifty people survived both saw one of the main forms of transport in the country and accidents are common. indonesia's parliament has approved stronger anti-terrorism legislation following recent suicide bomb attacks the change the military involvement in counter-terrorism policing and extended detention periods when i went east is up next. and this is difficult not to say whether someone voting for someone is very red but that's not a weenie trick i think it's how you approach an individual and that's what it is a certain way of doing it you can't just. story in fly out.
it was a theory. tens of millions of dollars stolen from bangladesh's central bank via the federal reserve bank of new york and then laundered into two of. the money and the thieves then bent. i'm steve on this episode a one on one east we investigate one of the biggest bank robberies a modern times and ask how the cyber hackers got away with it. well. our government. jacka the capital of bangladesh. a teeming chaotic city and one of the world's poorest. seventy million people live here
a set of them surviving on less than two dollars a day. bangladesh has one of the world's fastest growing economies. it's a country on the up but one that could ill afford to lose more than eighty million dollars of taxpayers' money. bangladesh bank the country's central bank is it the heart of its economic system. it overlooks a busy roundabout inductors financial district. high walls and tight security to stop anyone getting in who shouldn't be there but sometimes physical barriers enough for this heist nobody broke in and nobody took anything away in crime was perpetrated electronically. on the evening of service day february the falls twenty sixty. in the start of the
weekend in muslim bangladesh most of the central bank staff had gone home the building was secure but intruders were already inside. in the interim report experts commissioned by a bangladesh bank said a malicious program was installed on the bank's computer systems where possibly delivered virus infected e-mail collected passwords and usernames and covered its own tracks. investigators say they found considerable evidence that the hackers used the bank's credentials to access swift international messaging system used to send money around the world the hackers then generated search the five requests to transfer funds from bangladesh bank's account with the federal reserve bank in new york the orders came close to a billion dollars. most of the requests were blocked but ford did get through and as a result almost eighty one million dollars was sent to accounts at
a bank called our c.p.c. thousands of miles away in the philippines i couldn't believe it. because nothing like that even a smaller thing like that never happened so i was down and actively for a while actually was the governor of the bank when its systems were compromised and the money was stolen you know i'm not blaming swift i'm not blaming i'm not blaming bangladesh bank but and this was not strong enough to really we stand that kind of at. all institutions touched by the highest have denied they were at fault for the losses they have however taken steps to improve security. police headquarters in downtown dhaka detectives who. there are working with all sorts he's in other
countries in what has become an international investigation they've yet to confirm how the hackers got into the system or we both has all the data and helping us. is helping us and we are trying to find out. about cancun theme. maybe some investigators are sifting through ten terabytes of data in the hunt for a smoking gun that might identify the culprits though no bank insiders have been charged over the heist police say they must fully investigate the possibility. that maybe a bank employee. yes. thank you dish bank denies that anyone on the inside was involved and also denies negligence the police have not charged anyone from bangladesh bank in relation to
the heist. to find out more i contacted one of the private sector cyber security companies that have investigated the methods used by the hackers what were your thoughts when you heard that this central bank had been hacked me early indicators show that this they likely got into some sort of spearfishing message that basically sent an e-mail to someone and then that person basically clicked on that e-mail and had their computer system now they are going after what's called the swift terminals these are the terminals or computers that are responsible for conducting large bank transfers between organizations or even countries it's basically they're modifying the applications on the computer that has sort of been hijacked and remember those computers are actually inside the bag this is a case where this institution was compromised more so than anything swiss specific . in bangladesh the investigation into who stole the. eighty one million dollars continues but it's
quite possible that the hackers may actually have never set foot in the country. missing millions were sent overseas and i'm following the money trail to the philippines where electronic wire transfer became hard cash. i've come to manila it's one of the fastest growing cities in asia manila's business district has expanded substantially over the last decade but its banking sector operates under unusually strict secrecy little that includes the institution which helped turn the transfers from bangladesh into cash it was by sending money here that the thieves effectively made their getaway eighty one million dollars of bangladesh bank's funds ended up in this local branch of a bank called aussie b.c.
and they did it using bank accounts that had been opened months earlier using fake i.d.'s and that since lane in active the hackers had said payment requests from bangladesh bank to the new york fed on thursday and by friday the money had hit accounts that are c.b.c. in manila. it was then moved between an array of other accounts controlled by a remittance company called phil rem some of it was converted into philippine pesos over a period of ten days the money was transferred elektra likely and in cash and channeled into manila's casino industry. the accounts here on jupiter street were a vital clue for investigators they were crucial for laundering the money and someone had set them up using false names and fake credentials the question is who . the philippine senate held an inquiry into the laundering of the proceeds of the heist. it heard that the accounts were opened by the manager of the r c b c jupiter
street branch a woman called my a. good bill good with him. and i really value the truth she says she opened the accounts for this man a manila christina owner and agent she'd known for several years kim wong who also gave evidence at the inquiry. my declined to be interviewed for this programme but she testified to the inquiry that she had actually met four people whose names were on the accounts she's been represented by a lawyer who has an unusual taste in our us mr wong vouch for their identities for sent the documents. which showed their identities and requested her to open an account in her bribe on behalf of these five individuals. with the promise that. a substantial amount would come
in these accounts one hasn't been formally charged over the heist but is subject to civil action he denied to get his version of events and denied knowing that the money was stolen while cannot months up but taking on documents bought up all my so bad us a bunch up in the uk in equal i'm in no none now eighty one million dollars see my young big eight lung being the mum bank accounts some forty million on me for a co key my you may know. i'm on a guitar the book. bank was fined close to twenty million dollars for failing to comply with banking regulations and its chief executive and
president resigned. the bank said it accepted the findings of the regulator and wants to move on the company's lawyer says maya to quito was a rogue employee branch manager who says she was naive that she was a pawn in a much larger plan which she didn't clearly understand at the time i disagree with that she knows the banking system history of all the policies of the bank she knew about the cards she set it up she was obviously waiting for the funds to be credit and when it was credit that she acted with like. getting this accounts out of the beneficiary of the other accounts. the senate report documented the timing of the payments many were made within minutes of each other. lawyers say that when funds were received on february the fifth she confirmed the legitimacy of the remittances with our c.b.c.
head office and received e-mails confirming they were from valid sources legal team say she didn't have all thirty to unilaterally prevent transfers and their client was told there was no reason to hold the phones following an investigation by anti money laundering or storage the a m l c the philippine department of justice has recommended that my be charged with eight counts of money laundering legal team is trying to quash the charges against her but if the case goes ahead she will plead not guilty. sears year was many a form of philippine senator who sat on the committee looking into the heist says he doesn't believe seven days of testimony uncovered the whole story we couldn't quite get her to explain everything because we did not give her witness protection program. when the money left it was paid to accounts at the fil rember emittance company still room was run by michael and. day along with kim wong and the
company that owns a casino called solaire are the subject of pending legal action by money laundering authorities to try to recover some of the stone money jim long and solaris say they are complying with the authorities the protesters have not responded to our request for comment. one stumbling block for the senate inquiry was the unusually high level of privacy afforded to bank accounts the philippines along with switzerland and lebanon has one of the most secretive banking sectors in the world can wall bank account we couldn't get it. back account we couldn't get it why. they hit. back secrecy act it stopped us from getting the whole picture in the money because we couldn't get the the. bank accounts of anybody
almost fifteen million dollars has been recovered according to the official philippine senate report some of it handed over by kim wong who denied knowing it was stolen the m.l.c. says phil rem still holds seventeen million dollars of the stolen money and this suing for its return the company denies it has the money. almost fifty million dollars has been traced to casinos and gambling junket operators according to the m.l.c. investigation none of that sixty seven million has been recovered. the casinos were used for turning the electronic money transfers into hard cash there's been no inference they knew the funds were stolen they weren't covered by money laundering laws at the time and weren't required to record large transactions. as many as committee the heist exposed serious flaws and they were floors that were predictable. when they were going to develop
before here when they did that ahead he. updated our money laundering law because he gonna be very bad for a. senate inquiry made more than a dozen recommendations which included extending money laundering laws to casinos and making it easier to access information about bank accounts. new laws covering the casinos were passed in july twenty seventeen and earlier that year the philippines appointed a new central bank governor who vowed to make it harder for dirty money to enter the financial system. it was many years says he found it hard to get politicians to act we have the strictest bank secrecy law in the world and they can't get any of my congressman or senator to amend that.
new york city one of the world's biggest financial centers and home to one of its most important financial institutions. the federal reserve bank of new york all defect its manhattan headquarters sit on top of five hundred and eight thousand gold bugs and it handles around eight hundred billion dollars of payments every day . johnson spice reports on its activity which moves markets around the world when no one thinks of the federal reserve in terms of cyberspace usually you think of you know economics you think of labor markets you think of macro models of the u.s. central bank and economists are poring over to try to decide what to do about interest rates it turns out of course that there's about three and a half trillion dollars of foreign funds being held at the new york fed and the fed is basically the account custodian for two hundred fifty foreign entities around
the world. and its customers included bangladesh's central bank and it was to the new york fed that the hackers sent thirty five messages requesting payments from the bangladesh bank account. things could have been a lot worse but for an extraordinary coincidence millions of dollars hundreds of millions were never transferred because the name jupiter in the address for the bank happens to match that of an oil tanker nothing to do with the heist but on the list of u.s. sanctions against iran as a result most of the transfer orders were flagged as suspicious and blocked by the feds. and there were other reasons to transfer requests could have arouse suspicion they were different to most payments made by bangladesh bank they would formatted properly and these were large payments to individuals rather than organizations. but largely because the requests appeared to be authentic aided by swift eighty one
million dollars was sent. when i use my card in a foreign country for example or for a sudden large purchase it can trigger a simple fraud inquiry from my bank real time monitoring the technology is quite straightforward but in the case of the heist nothing like that happened at the fed the vast majority of the use payment requests that arrive on the doorstep of the new york fed are automatically executed you know they come to this with network they have all the boxes ticked their swift authenticated and so they automatically go at the door but fred stuff we're concerned enough about some of the payments to try to contact bangladesh bank at the end of service day they sent a message using swift and two more on friday but hackers had compromised bangladesh bank swift system and sabotaged a crucial printer in the dhaka office it wasn't until saturday that bangladesh bank
staff realized what had happened and tried to contact the fed urgently could only use numbers they found on the internet lines that weren't oncet at the weekend on monday bangladesh bank finally got messages through to new york saying they'd been hacked. it would have been seen as stuff arrive to work in new york at seven thirty in the morning. the fed declined our invitation to provide someone for an interview but said this while the event in february twenty sixth did not result. in a breach or compromise of the new york fed systems we did view this as an opportunity to further strengthen the safety of global payments the new york fed perform certain screening all of and diligence on funds transfers sent both to and from the accounts of foreign central banks on our books the robustness of cyber security around the global payment system must continue to be
a priority for each participant in the chain. brussels belgium capital and home to european institutions as well as the headquarters of swift a co-operative organization owned by the banks that use it well in nineteen seventy three you have to go back then banks were sending messages to each other using the teller acts imagine getting ten thousand faxes a day not very secure not very automated so two hundred thirty nine banks from fifteen countries said let's use computers nine hundred seventy three let's use global telecommunications and try to get it to work and they form the society for world interbank financial telecommunication swift and today fast forward it's thousands of banks hundreds of two hundred countries and trillions of dollars
a day flow through this with that work over ten trillion a day and it was swift messaging system that the hackers access to send messages to the fed. we always realized sweet sweet spot were at the user's terminal at the end points which went out responsible for the physical security and for them keeping their own passwords safe and secure and other credentials and over time you can imagine as this cyber crime became much more sophisticated. which should have been doing more or could've been doing more as. swift declined to be interviewed but said there is no indication that swift's network or core messaging services have been compromised in the recent attacks on banks customers are individually responsible for the security of their own environments we fully recognize that the security of the industry as a whole is
a shared responsibility in mid twenty sixteen we launched a customer security program to reinforce the local security of this swift related infrastructure and the organization has introduced changes users like bangladesh bank now require more than just a username and password to log in. under pressure over the heist changes have been made at some of the big institutions but will they be enough to stay ahead of the hackers and who was behind this ordinations theft. what happened to much of the money that was played a casino tables in the philippines is unknown but analysis by u.s. authorities and cyber security experts says the digital fingerprint found at the scene of the crime bangladesh banks computer systems points to north korea. in the u.k. the defense company b. a systems is subject to frequent attacks by hackers and helps other organizations
defend themselves from cyber crime according to its experts the bangladesh bank heist bears the hallmarks of other attacks a distinctive code used to erase the tracks of hackers that also featured in an attack on sony pictures in twenty fourteen the u.s. government has blamed that on north korea a claim that north korea denies so we got a few clues from the tools that these attackers used in bangladesh bank and other attacks that we we've seen and the tools are very specific to a group and this is a name that's been given by the security community and it's a group. been involved in attacks from south korea than involved in attacks in the us we've seen them in attacks in europe as well and they're almost certainly behind this this bangladesh bank heist as well the russian cyber security firm kaspersky lab has also said it found digital evidence that lazarus hackers made a direct connection from an ip address in north korea to a server in europe used to control systems infected by the group just perske said
that was the first time they've seen a direct connection between lazarus and north korea and while it's possible the bangladesh hackers were trying to frame pin on yang north korean involvement was the most likely explanation. and in twenty seventeen the then deputy director of the national security agency said private sector research linking north korea to the heist was strong link from sony actors to the bangladeshi. actors is accurate that intonation stage is wrong things that to be. its different . do you believe there are nations. that do. allegations or hacking whether from security firms or officials in the united states and south korea all denied by the north
korean government but no matter who is behind the bangladesh bank job north korea or an unknown crime syndicate could there be another cyber heist well they have already been more attempts in twenty seventeen taiwan's far eastern international bank was attacked by hackers trying to steal millions of dollars using the swift payment system the banks declined to comment russia's central bank has said hackers took control of computers at an unnamed russian bank in twenty seventeen and used a swift system to steal six million dollars and in february twenty eighth hackers tried to steal nearly two million dollars from the. india's city union bank the bank said there were similarities with the bangladesh case. on the trail of the missing millions i've visited many places from the heart of the global financial system to developing countries always different levels of
technological sophistication but their banks all share one thing the messaging system swift and hackers have realized its users can make themselves vulnerable. maybe she's a victim but but it is at the cost of. this is improving but in forcing the highest standards internationally is a challenge where i think the vulnerability is if there isn't a global a more global coordinated response to these threats and the hackers have not gone away the bangladesh heist was a wake up call for the international banking system changes have been made but distract from hackers is constantly evolving and many institutions regard cyber security as the biggest risk they face today.