
$10 router blamed in Bangladesh bank hack – BBC


Hackers managed to steal $80m (£56m) from Bangladesh’s central bank because it skimped on network hardware and security software, reports Reuters.

The bank had no firewall and used second-hand routers that cost $10 to connect to global financial networks.

Better security and hardware would have hampered the attackers, Reuters said, quoting an official investigator.

The hackers aimed to steal $1bn but made mistakes that led to the theft being spotted and stopped.

Better defence

A firewall would have made attempts to hack the bank more “difficult”, Mohammad Shah Alam, a forensic investigator who works on the Bangladesh team investigating the theft, told Reuters.

The second-hand hardware also meant that basic security steps to segregate network traffic were not taken, he said.

The cheap routers have hindered the investigation, said Mr Alam, because they collected very little network data that could be used to pinpoint the hackers and shed light on their tactics.

The hack took place in early February and involved hackers getting access to the core network of Bangladesh’s central bank. They used this privileged access to transfer cash from Bangladesh’s account at the Federal Reserve Bank of New York to other banks.

A spelling mistake in one of the transfer orders alerted bank staff and meant the hackers only managed to steal $81m. This has been traced to accounts in the Philippines and to casinos in the same country. Most of the cash has yet to be recovered.


Take away message:

  1. Hackers must learn to spell.
  2. Banks must use firewalls.
  3. If you’re going to hack anyone, target their router.