A Bangladesh police deputy inspector general investigating the theft of $81 million from the Bangladesh central bank is focusing his investigation on some of the information technology technicians at the bank.
According to a report by Reuters, the investigator, Mohammad Shah Alam, suspects some of the IT technicians hooked up the central bank’s transaction system to the public internet, which paved the way for the hackers to get in. The investigator, in a series of interviews during December, disclosed his hunch in details discussing how insiders at Bangladesh Bank could have helped the bad guys in the massive cyberattack and theft. Alam said he was looking into why a password token that protects the SWIFT international transactions network was left in the SWIFT server for a few months before the theft. That password token is required to be removed and locked in a vault each day. By leaving the token in the server, the hackers could get in without anyone knowing to infect it with malware and then do the fake transfer, noted the report.
The report noted that Alam said, based on the investigation, central bank IT staffers were likely providing insider help to the hackers. When asked if he has any proof, Alam responded by saying: “There were a number of other things, which, if the Bangladesh Bank people had not done, the hacking would not have been possible.” By linking the SWIFT network to the public internet, which Alam contends the IT workers did last year, it made a very secure network accessible to any computer outside of the network.
Earlier this month, Alam told Reuters he had solid leads into who was behind the cyberattack and that some Bangladesh central bank officials are believed to have purposely exposed the financial institution’s computer systems, which enabled hackers to pull off what’s considered to be the largest bank heist in history. Now, Alam is expanding that to say it was IT workers.