Hacking has once again been making the headlines with a gang reportedly hacking the Bangladesh Bank’s account at the Federal Reserve Bank of New York.
The hackers got away with more than $80 million USD from Bangladesh’s Federal Reserve Bank, making it one of the largest heists of all time.
With transfer requests totalling nearly $1 billion, just the first four for $81 million to the Philippines were successful. It was only after the fifth attempt for $20 million that suspicions were raised, after the name of the beneficiary, Sri Lankan NGO, Shalika Foundation, was misspelled.
[Tweet “A spelling mistake prevented hackers taking $1bn in bank heist”]
The question is, how did they do it?
How it happened
According to FireEye Inc., who is helping to investigate, the hackers stole the Bangladesh Bank’s credentials for payments transfers through malicious software, known as malware.
The software was most likely a Remote Access Trojan (RAT) or a similar piece of spyware that allowed the hackers to take remote control of the bank’s computers.
The hackers potentially exploited a so-called Zero Day flaw in software that was unknown by the vendor and therefore had no protection.
After gaining access, the hackers were able to steal the Bangladesh Bank’s SWIFT credential for financial messaging which allowed them to make the transfers.
While no one knows yet whether this was a result of particularly advanced malware or if there were flaws in the Bangladesh Central Bank’s security system, the hack highlights both the potential scale and possible ways in for hacking today.
How To Protect Your Organization
While you may not be a central bank, the chances are that hackers could still be interested in you. From ransomware to gaining access to sensitive files or client data, a wide range of businesses are being targeted by hackers today.
Sadly, no organization has FULL protection from attacks, and while anti-virus software is a good first line of defence, it does not always provide adequate protection.
That is why a great way to get extra security is through the use of employee monitoring software.
Employee monitoring software can be installed remotely on all devices in your organization to monitor their activity; from the applications and websites used, to the emails they send and the files they access or copy.
The software can be customized to alert managers when certain files are accessed or copied, as well as when certain websites or applications are used.
It is an excellent way to keep an eye on computers and monitor for any unusual activity. To learn more about KnowIT, click here