In Hollywood, daring bank heists are perpetrated by masked men in black, rappelling from wires, hacking the mainframe, and making a speedy getaway with only seconds to spare. But in the 21st century, even bank robbers are going digital.
This March, hackers in Bangladesh pulled off a massive, $101 million cyber bank heist that spanned the globe. The unidentified hackers reportedly breached the Bangladesh central bank, posed as Bangladeshi officials with stolen credentials, then sent a series of transfer requests to the New York Federal Reserve. According to a Federal reserve spokesperson, the transfer requests went through legitimate channels and complied with their authentication protocols.
In total, the Fed transferred $101 million to Asian bank accounts in Sri Lanka and the Philippines. The heist almost turned into a $1 billion disaster, but the thieves accidentally set off red flags by making a simple spelling error.
Reuters reported that “The hackers misspelled the name of a Sri Lankan non-governmental organisation, writing ‘foundation’ as ‘fandation’. That prompted a routing bank to query the transaction and led to the crime being stopped.”
In the United States, police respond to an estimated 38 million alarm activations annually, of which 94-98% are false alarms. But this may be the first case of a common typo acting as a final warning system.
Now, Bangladesh’s finance minister is pointing fingers at the U.S. Federal Reserve, while admitting that Bangladesh Bank failed to promptly report the crime to authorities. Today, the world’s largest banks transfer massive amounts of money using services like SWIFT, a Belgian-based, “member-owned cooperative that banks use for account transfer requests and other secure messages.”
A Fed spokesperson said, “The payment instructions in question were fully authenticated by the SWIFT messaging system in accordance with standard authentication protocols. The Fed has been working with the central bank since the incident occurred, and will continue to provide assistance as appropriate.”
These transfer systems have opened up new frontiers for bank robbers, who can hack into banks and steal millions while hiding behind a computer screen on the other side of the world.