Hacked: The Bangladesh Bank Heist | 101 East

Video Statistics and Information

Video

Captions Word Cloud

Captions

[Music] it was a daring raid tens of millions of dollars stolen from Bangladesh's central bank via the Federal Reserve Bank of New York and then laundered in the Philippines the money and the thieves then vanished I'm Steve Chow on this episode of one on one East we investigate one of the biggest bank robberies of modern times and ask how the cyber hackers got away with it Decker the capital of Bangladesh a teeming chaotic city and one of the world's poorest 70 million people live here a third of them surviving on less than $2 a day Bangladesh has one of the world's fastest growing economies it's a country on the up but one that could ill afford to lose more than 80 million dollars of taxpayers money Bangladesh Bank the country's central bank is at the heart of its economic system it overlooks our busy roundabouts indicas financial district high walls and tight security to stop anyone getting in who shouldn't be there but sometimes physical barriers aren't enough for this heist nobody broke in and nobody took anything away the entire crime was perpetrated electronically [Music] on the evening of Thursday February the 4th 2016 the stars of the weekend in Muslim Bangladesh most of the central bank staff had gone home the building was secured but intruders were already inside in an interim report experts commissioned by Bangladesh Bank said a malicious program was installed on the bank's computer systems a malware possibly delivered via an infected email collected passwords and usernames and covered its own tracks investigators say they found considerable evidence that the hackers used the bank's credentials to access Swift the International messaging system used to send money around the world the hackers then generated 35 requests to transfer funds from bangladesh banks account with the Federal Reserve Bank of New York the orders came close to a billion dollars most of the requests were blocked but four did get through and as a result almost 81 million dollars was sent to accounts at a bank called RCBC thousands of miles away in the Philippines because nothing like that even a smaller thing like that never happened so I was I was dumb and actually for for a while attea Rahman was the governor of the bank when its systems were compromised and the money was stolen you know I'm not blaming Swift I'm not blaming Fed I'm not blaming Bangladesh bank but the entire system was not strong enough to really withstand the kind of attack that it got all institutions touched by the heist have denied they were at fault for the losses they have however taken steps to improve security [Music] police headquarters in downtown dhaka detectives here are working with authorities in other countries in what has become an international investigation they've yet to confirm how the hackers got into the system we process all the data and FBI is helping us Interpol is helping us and we are trying to find out the conclusive evidence we investigators are sifting through 10 terabytes of data in the hunt for a smoking gun that might identify the culprits so no bank insiders have been charged over the heist police say they must fully investigate the possibility oh yeah looking into that maybe a bank employee yes [Music] Angela - Bank denies that anyone on the inside was involved and also denies negligence the police have not charged anyone from Bangladesh Bank in relation to the heist to find out more I contacted one of the private sector cybersecurity companies that have investigated the methods used by the hackers what were your thoughts when you heard that this central bank had been hacked the the early indicators show that this they likely got in through some sort of spearfishing message so basically they sent an email to someone and then that person basically clicked on that email and had their computer system infected now they were going after what's called the Swift terminals these are the terminals or computers that are responsible for conducting large bank transfers between organizations or even countries it's basically they're modifying the applications on the computer that has sort of been hijacked and remember those computers are actually inside the bank this is a case where this institution was compromised more so than anything Swift specific [Music] in Bangladesh the investigation into who stole the 81 million dollars continues but it's quite possible that the hackers may actually have never set foot in the country missing millions were sent overseas and I'm following the money trail to the Philippines where electronic wire transfers became hard cash [Music] I've come to Manila it's one of the fastest-growing cities in Asia Manila's business district has expanded substantially over the last decade but its banking sector operates under unusually strict secrecy laws and that includes the institution which helped turn the transfers from Bangladesh into cash it was by sending money here that the thieves effectively made their getaway 81 million dollars of bangladesh bank's funds ended up in this local branch of a bank called RCBC and they did it using bank accounts that had been opened months earlier using fake IDs and had since lain inactive the hackers had sent payment requests from Bangladesh Bank to the New York Fed on Thursday and by Friday the money had hid accounts at RCBC in Manila it was then moved between an array of other accounts controlled by a remittance company called fill Ram and some of it was converted into Philippine pesos over a period of 10 days the money was transferred electronically and in cash and channelled into manila's casino industry the accounts here on Jupiter Street were a vital clue for investigators they were crucial for laundering the money and someone had set them up using false names and fake credentials the question is who the Philippine Senate held an inquiry into the laundering of the proceeds of the heist it heard that the accounts were opened by the manager of the RCBC Jupiter Street branch a woman called Maya dig it oh she says she opened the accounts for this man a manila casino owner and agent she'd known for several years called Kim Wong who also gave evidence at the inquiry Maya dengue toe declined to be interviewed for this program but she testified to the inquiry that she had actually met four people whose names were on the accounts she's been represented by a lawyer who has an unusual taste in art mr. Wang vouch for their identities presented documents which showed their identities and requested her to open accounts in her branch on behalf of these five individuals and with the promise that a substantial amount would come into these accounts one hasn't been formally charged over the heist but is subject to civil action he denied the guitars version of events and denied knowing that the money was stolen welcome team elements appear on my documents para o mas o Don para Sabanci india enrico alam an enamel on than 81 million dollars sanaya ana PK lung sinha sobbing diamond bank accounts some foreign alum and Nina Foucault Kamiya main important Brannan at Atrato PO our CBC Bank was fined close to 20 million dollars for failing to comply with banking regulations and its chief executive and president resigned the bank said it accepted the findings of the regulator and wants to move on the company's lawyer says Maia Diggy Joe was a rogue employee branch manager says that she was naive that she was a pawn in a much larger plan which she didn't clearly understand at the time I disagree with that she knows the banking system she's trained of all the policies of the bank she knew about these accounts she set it up she was obviously waiting for the funds to be credited and when it was credited she acted with lightning speed in getting these accounts out of the beneficiary accounts into other accounts the Senate report documented the timing of the payments many were made within minutes of each other Maia de Ito's lawyers say that when funds were received on February the 5th she confirmed the legitimacy of the remittances with our CBC head office and received emails confirming they were from valid sources her legal team say she didn't have authority to unilaterally prevent transfers and their client was told there was no reason to hold the funds following an investigation by anti-money laundering authorities the AML C the Philippine Department of Justice has recommended that Maia Dieguito be charged with eight counts of money laundering her legal team is trying to quash the charges against her but if the case goes ahead she will plead not guilty Sergio was menya a former Philippines senator who sat on the committee looking into the heist says he doesn't believe seven days of testimony uncovered the whole story we couldn't quite get her to explain everything because we did not give her witness protection program when the money left our CBC it was paid to accounts at the Phil Gramm remittance company Phil rim was run by Michael and salud Batista they along with Kim Wong and the company that owns a casino called Sol air are the subject of pending legal action by money laundering authorities to try to recover some of the stolen money Jim Wong and sole heir say they are complying with the authorities the Batista's have not responded to our request for comment one stumbling block for the Senate's inquiry was the unusually high level of privacy afforded to bank accounts the Philippines along with Switzerland and Lebanon has one of the most secretive banking sectors in the world Kim Walsh bank account we couldn't get it filled a spike account we couldn't get it why Bank Secrecy Act it stopped us from getting the whole picture it stopped us from tracing the money because we couldn't get the the bank accounts of anybody almost 15 million dollars has been recovered according to the official Philippine Senate report some of it handed over by Kim Wong who denied knowing it was stolen the AML C says Phil Ramones 17 million dollars of the stolen money and is suing for its return the company denies it has the money almost 50 million dollars has been traced to casinos and gambling junket operators according to the AML C investigation but none of that 67 million has been recovered the casinos were used for turning the electronic money transfers into hard cash though there's been no inference they knew the funds were stolen they weren't covered by money laundering laws at the time and weren't required to record large transactions for Sergio Oz manias committee the heist exposed serious flaws and they were flaws that were predictable I was concerned especially in 2010 when when they were going to develop the four big casinos here when they did that I said it's time that we updated our money laundering law because they're gonna be very bad for us the senators inquiry made more than a dozen recommendations which included extending money laundering laws to casinos and making it easier to access information about bank accounts new laws covering the casinos were passed in July 2017 and earlier that year the Philippines appointed a new central bank governor who vowed to make it harder for dirty money to enter the financial system but as menya says he found it hard to get politicians to act we have the strictest bank secrecy law in the world and I can't get any of my congressmen and senators to amend that law new york city one of the world's biggest financial centers and home to one of its most important financial institutions the Federal Reserve Bank of New York or the Fed its Manhattan headquarters sit on top of five hundred and eight thousand gold bars and it handles around eight hundred billion dollars of payments every day Jonathan Spicer reports on its activity which moves markets around the world well no one thinks as the Federal Reserve in terms of cyber heists usually you think of you know economics you think of labor markets you think of macro models of the US central bank and its economists are pouring over to try and decide what to do about interest rates it turns out of course that there's about three and a half trillion dollars of foreign funds being held at the New York Fed and the Fed is basically account custodian for 250 foreign entities around the world and its customers included bangladesh's Central Bank and it was to the New York Fed that the hackers sent 35 messages requesting payments from the bangladesh bank account things could have been a lot worse but for an extraordinary coincidence millions of dollars hundreds of millions were never transferred because the name Jupiter in the address for the bank happened to match that of an oil tanker nothing to do with the heist but on a list of US sanctions against Iran as a result most of the transfer orders were flagged as suspicious and blocked by the Fed and there were other reasons the transfer requests could have aroused suspicion they were different to most payments made by Bangladesh Bank they weren't formatted properly and these were large payments to individuals rather than organizations but largely because the requests appeared to be authenticated by Swift 81 million dollars was sent [Music] when I use my card in a foreign country for example or for a sudden large purchase it can trigger a simple fraud inquiry from my bank real time monitoring the technology is quite straightforward but in the case of the heist nothing like that happened at the Fed the vast majority of these payment requests that arrived on the doorstep of the New York Fed are automatically executed you know they come to the Swift Network they have all the boxes ticked they're Swift authenticated and so they automatically growth the door but Fed staff were concerned enough about some of the payments to try to contact bangladesh bank at the end of Thursday they sent a message using Swift and two more on Friday but hackers had compromised Bangladesh banks Swift system and sabotage the crucial printer in the Decker office it wasn't until Saturday that Bangladesh Bank staff realized what had happened and tried to contact the Fed urgently but could only use numbers they found on the internet lines that weren't answered at the weekend on Monday Bangladesh Bank finally got messages through to New York saying they'd been hacked it would have been seen as staff arrived for work in New York at 7:30 in the morning the Fed declined our invitation to provide someone for interview but said this while the event in February 2016 did not result in a breach or compromise of the New York Fed systems we did view this as an opportunity to further strengthen the safety of global payments the New York Fed performs certain screening of and diligence on funds transfers sent both to and from the accounts of foreign central banks on our books the robustness of cyber security around the global payment system must continue to be a priority for each participant in the chain Brussels Elgin capital and home to European institutions as well as the headquarters of Swift a cooperative organization owned by the banks that use it well in 1973 you have to go back to then banks were sending messages to each other using the telex imagine getting 10,000 faxes a day not very secure not very automated so 239 banks from 15 countries said hey let's use computers 1973 let's use global telecommunications and try to get it to work and they formed the Society for worldwide interbank financial telecommunication Swift and today a fast forward its thousands of banks hundreds of 200 countries and trillions of dollars a day flow through the Swift Network over 10 trillion a day now and it was Swift's messaging system that the hackers access to send messages to the Fed we always realize that Swift sweetspot were at the users terminal at the at the endpoints was we're not responsible for the the physical security and for them keeping their own passwords safe and secure and other credentials and over time you can imagine as cybercrime became much more sophisticated Swift should have been doing more or could have been doing more as we all know today Swift declined to be interviewed but said there is no indication that Swift's network or core messaging services have been compromised in the recent attacks on banks while our customers are individually responsible for the security of their own environments we fully recognize that the security of the industry as a whole is a shared responsibility in mid-2016 we launched a customer security program to reinforce the local security of their Swift related infrastructure and the organization has introduced changes users like Bangladesh Bank now require more than just a username and a password to login under pressure over the heist changes have been made at some of the big institutions but will they be enough to stay ahead of the hackers and who was behind this audacious theft what happened to much of the money that was played at casino tables in the Philippines isn't known but analysis by US authorities and cybersecurity experts says the digital fingerprint found at the scene of the crime Bangladesh banks computer systems points to North Korea in the UK the defense company bae systems is subject to frequent attacks by hackers and helps other organizations defend themselves from cybercrime according to its experts the bangladesh bank heist bares the hallmark of other attacks a distinctive code used to erase the tracks of hackers that also featured in an attack on Sony Pictures in 2014 the US government has blamed that on North Korea a claim that North Korea denies so we've got a few clues from the tools that these attackers used in Bangladesh Bank and other attacks that we've seen and the tools are very specific to a group called Lazarus and this is a name that's been given by the security community and it's a group that has been involved in attacks on South Korea they've been involved in attacks in the u.s. we've seen them in attacks in Europe as well and they're almost certainly behind this this Bangladesh bank heist as well the Russian cybersecurity firm Kaspersky Lab has also said it found digital evidence that Lazarus hackers made a direct connection from an IP address in North Korea to a server in Europe used to control systems infected by the group Kaspersky said that was the first time they've seen a direct connection between Lazarus and North Korea and while it's possible the Bangladesh hackers were trying to frame Pyongyang North Korean involvement was the most likely explanation and in 2017 the then Deputy Director of the National Security Agency said private sector research linking North Korea to the heist was strong that linkage from Sony actors to the Bangladeshi bank actors is accurate that means a nation state is robbing banks that's a big deal that's different and do you believe that there are nation states now robbing banks is that your assessment I do allegations of hacking whether from security firms or officials in the United States and South Korea are all denied by the North Korean government but no matter who is behind the Bangladesh Bank job North Korea or an unknown crime syndicate could there be another cyber heist well there have already been more attempts in 2017 Taiwan's far eastern international bank was attacked by hackers trying to steal millions of dollars using the Swift payment system the banks declined to comment Russia's central bank has said hackers took control of computers at an unnamed Russian Bank in 2017 and used the Swift system to steal six million dollars and in February 2018 hackers tried to steal nearly two million dollars from India's city Union Bank the Bank said there were similarities with the Bangladesh case on the trail of the missing millions I've visited many places from the heart of the global financial system to developing countries all with different levels of technological sophistication but their banks all share one thing the messaging system Swift and hackers have realized its users can make themselves vulnerable maybe Bangladesh is a victim but but it is at the cost of Bangladesh that the Global payment system is improving but enforcing the highest standards internationally is a challenge where I think the vulnerability is is there isn't a global a more global a coordinated response to these threats and the hackers have not gone away the Bangladesh heist was a wake-up call for the international banking system changes have been made but the threat from hackers is constantly evolving and many institutions regard cyber security as the biggest risk they face today you

Info

Channel: Al Jazeera English

Views: 1,124,649

Rating: 4.782661 out of 5

Keywords: aljazeera, aljazeera english, al jazeera english, robbery, aljazeera news, philippines, bangladesh, Hacked: The Bangladesh Bank Heist, Bangladesh Bank Heist, Bank Heist, Bangladesh Bank, Heist, Bangladesh's central bank, Federal Reserve Bank of New York, Philippine casino system, cyber-hackers, money laundering, bangladesh al jazeera, al jazeera bangladesh, bangladesh dhaka, dhaka bangladesh, cyber security, robbing bank, murky

Id: 6Y9UaLKbZQ0

Channel Id: undefined

Length: 26min 0sec (1560 seconds)

Published: Thu May 24 2018

Reddit Comments

Misleading title. How is the problem with SWIFT as you say ? The symantec expert confirms that it's the Bangladeshi central bank was the corrupt party rather than the SWIFT system.

👍︎︎ 12 👤︎︎ u/Are-u-shpongld 📅︎︎ May 26 2018 🗫︎ replies

Aljazeera missed one incident which took place weeks after the hacking. Weeks after, when CID had started investigation, a fire broke out in central bank's important floor. Eventually many important files lost. I think that indicates the involvement of inside the bank.

👍︎︎ 1 👤︎︎ u/Americali 📅︎︎ May 27 2018 🗫︎ replies

👍︎︎ 1 👤︎︎ u/D1STURBED91 📅︎︎ May 28 2018 🗫︎ replies