Tag Archives: Banking

Mar
23
2023

How a $10 Device Can Almost Cause a Bankruptcy – Cyber Bank Heist in Bangladesh

A little while ago the news got out that the Bangladeshi Federal Reserve bank lost 81 million dollars due to hack. They could have lost close to one billion dollars ($1,000,000,000) if the hackers didn’t make a silly spelling booboo in the recipient’s name…

The fact that these large sums aren’t transferred without a decent verification is worth a discussion on its own, but in this case I’d like to discuss the hardware protection of the bank… I almost don’t feel sorry anymore.

But why, what happened to the bank?

I learned this week from our friends at the hacker news that a $10 secondhand networking switch was used to protect the system that was connected to the SWIFT network. This is the network that controls the payments made to all accounts in the world.

I can’t grasp my mind about the fact that someone actually thought it was a good idea to buy and use this switch in a global network like SWIFT… I even can’t start to think about what the arguments must have been towards the manager or CISO who approved the use of this network switch…

Ow wait, I made an assumption here… I assumed that a manager or the CISO was involved in this process. I’m afraid they didn’t have the slightest clue that this switch sat there in their network, waiting to be hacked.

Can this happen again?

I’d like to say this is a single indecent, but the truth is that I see these types of boo boos a lot! Employees who don’t have decent Wi-Fi coverage at their work and bringing their own Wi-Fi router, setting it up with no encryption or a weak web encryption, leaving the corporate network open for the public, despite $100,000 firewalls protection the front door.

My educated guess is that the hackers have been in for a long time, and that they have prepared their battle well. Their spelling error though is a horrible script kiddie mistake, one they won’t forget.

How can we prevent this from happening?

There are a few options I think. First and foremost, know what’s in your network. Have a clear and backed up company policy when it comes to network equipment. Ensure that all devices in your network are known to you and are under secured patch management.

Second, identify core critical machines and connections in your network. In this case, the SWIFT network being available in one hop from the world is unimaginable to me. Set up multiple layers of protection, especially if you can make multimillion transactions automatically. I would love to see the identity and access management scenarios for this bank and this machine. It makes me wonder about the system itself. Does it trust anything it’s being told? Why aren’t we using 2 factor authentication for this, or dual authorization for that matter?

Last but not least, I strongly believe in monitoring. If the solution, digital protection services, had been deployed with help of the network sweep services, unknown equipment would have been detected instantly. This would have prevented this hack from happening.

Would you like to learn how we can test and protect your networks, drop a line! Nobody wants to hit the news with a statement that a $10 secondhand device was the cause of the billion dollar heist…

Mar
02
2023

Second Chance Account – Get a Second Chance at Banking!

What is a second chance account? A second chance account is a special internet bank account given to people who are unable to open any bank account because they owe a bank money.

Bad credit checking accounts have become fairly popular these days because of the recession. Many people have found their accounts at their bank frozen because they are unable to make payments to the bank for one reason or the other. What can you do in this case?

One option would be to simply not have banking account. But these days, this is a highly unappealing option because it’s pretty hard to do anything without one. For example, if you don’t have a checking account, you won’t be able to get any sort of loan.

The other option is to open up a bad credit banking account. This is, in fact, your best option. If you open up a second chance account, you will be able to deposit money, withdrawal money, and perform any other financial activity you can with a bank account. Basically, a second chance account is no different than any other sort of banking account.

If you want to get one of these special accounts, you will have to be prepared to pay more money, however. Second chance banking is more expensive than regular banking. You can expect to pay more free in one way or the other – perhaps higher banking transaction fees or higher monthly bank fees.

Ultimately, it’s up to you to decide whether a bad credit checking account is worth the higher cost. However, if you can’t actually open a bank account, you don’t have any other option.