Cyberattacks on the Developing World
We usually hear about US or European banks and financial institutions being targets for hackers. However, as more developing nations improve their technology and expand Internet capabilities, they too become a target. This is exactly what happened this week when a Bangladeshi bank was compromised and US$81 million was stolen and transferred to the Philippines. The hackers actually tried to steal over $900 million, but only some of the transfers went through the system.
The hackers started the heist weeks ago prior to being discovered, meaning they had plenty of time to analyze, uncover poor security layers and steal data. It is estimated that they were able to compromise approximately 32 computers on the bank network and uploaded malware named evtdiag.exe. The malware then installed other hacking tools such as keyloggers to steal sensitive data including user credentials from banking employees.
The Bangladeshi central bank implemented SWIFT, which is a network used by financial institutions to transmit transactions across a network. Since the hackers were able to place keyloggers on local machines, passwords and encryption were no longer a hurdle. Keyloggers log keystrokes on a computer and send the data to a third-party, in this case hackers. The hackers also had remote access to the central bankâ€™s network hubs.
With access to machines and employee credentials, the hackers sent fraudulent transactions directly from the internal bank systems to avoid detection.
Unfortunately, this is the first of what will likely be an ongoing trend in the future. As developing countries increase their Internet coverage, they soon will be a major target for hackers. These developing countries have increased their economic and financial conditions so as to become a part of the global market. As their economy improves further, so will their financial throughput and thereby their desirability as a target for hackers.
While the internet becomes a more and more critical part of various industries in developing countries, few local experts sufficiently understand security. Roughly speaking, many high value targets in these regions face current hackers with defenses that are 10 or more years old. It is imperative that financial institutions, governments, and infrastructure providers grow their security technology along with their public Internet access. Without the right security in place, the central bank hacking situation will be commonplace in the near future.