The central bank of Bangladesh fell vulnerable to hackers in an $81 million cyber-heist in early February. The head of the Forensic Training Institute of the Bangladesh police’s criminal investigation department, Mohamad Shah Alam is pointing to the the bank’s choice of hardware – and lack there of. The bank’s network was apparently not protected by a firewall, and utilized second-hand switches which cost around $10 a piece to piece together it’s network which was connected to the SWIFT global payment network, Reuters reported.
“You are talking about an organization that has access to billions of dollars and they are not taking even the most basic security precautions,” Jeff Wichman, a consultant with cyber firm Optiv told Reuters.
Former World Bank security team member Tom Kellerman referred to the security shortcomings described by Alam as “egregious”, and expects that there are a number of central banks in developing and emerging countries facing the same vulnerabilities.
“It could be difficult to hack if there was a firewall,” Alam said in an interview.
The takeaway from this incident, is that cutting corners on requisite hardware, and sacrificing sufficient technology to save a few bucks upfront could have catastrophic consequences. It’s never worth the risk.
