WASHINGTON: The US Federal Bureau of Investigation suspects the computer hacking theft of $81 million from Bangladesh’s central bank was in part an inside job, the Wall Street Journal reported Tuesday.
Quoting sources familiar with the matter, the Journal said FBI agents investigating the case “have found evidence pointing to at least one bank employee acting as an accomplice.”
But it added that “a handful of others” may have also aided the hackers in breaking into the computers of Bangladesh Bank.
The spectacular cyber-theft has embarrassed the government in Dhaka, triggered outrage in the impoverished country and raised alarm over the security of the global infrastructure linking central banks.
Hackers fabricated official electronic transfer orders to move the money from Bangladesh Bank’s account with the Federal Reserve Bank of New York in February and send it to accounts in the Philippines, where it then disappeared, in part through the Philippines casino industry.
But the New York branch of the US central bank blocked most of the bogus transfer orders it received, preventing the theft from skyrocketing to $1 billion.
The involvement of the New York Fed has brought the FBI into the case, but the Fed is not being viewed as blameworthy.
Separately, the global financial transfers network SWIFT on Monday rejected reported accusations by Bangladesh police and bank officials that it was to blame for low security protections.
“SWIFT was not responsible for any of the issues cited by the officials, or party to the related decisions,” it said in a statement.
“As a SWIFT user like any other, Bangladesh Bank is responsible for the security of its own systems interfacing with the SWIFT network and their related environment — starting with basic password protection practices — in much the same way as they are responsible for their other internal security considerations.”
Representatives of Bangladesh Bank, the New York Fed and SWIFT met Tuesday in Basel on the issue.
In a joint statement, they said they had exchanged information about “the cyber and physical vulnerabilities illustrated by this event.”
They said they were committed to recovering the lost funds and bringing the perpetrators to justice. AFP