Hackers steal $81 million from a bank that had no firewall

Bangladeshi Bank Robbed Because of Its Cheap Equipment

Sometimes the best way to learn is from your mistakes, or at least someone else's mistakes. The central bank of Bangladesh just gave all of us future bank owners a very important lesson — don't skimp on network security.

Hackers managed to steal about $81 million from Bangladesh Bank thanks to the bank's use of $10 network switches and a complete lack of firewalls, Reuters reported. It is one of the largest single thefts from a bank in history.

The theft happened in February, when the hackers got into Bangladesh Bank's systems, grabbed credentials, and then sent dozens of requests to the Federal Reserve Bank of New York to move money from Bangladesh to accounts in the Philippines and Sri Lanka. The transactions were stopped because the hackers made a typo, spelling "foundation" as "fandation," which caused a routing bank to question Bangladesh Bank.

Had the hackers not made that spelling error, they could have successfully stolen nearly $1 billion from the Bangladesh central bank, Reuters reported in March.

An investigation found that Bangladesh Bank used very cheap network switches and had no firewall in place, making it incredibly easy for hackers to grab login credentials and the like. The bank's system, which is essentially open to anyone who can get their hands on credentials, is connected to SWIFT, the global bank payment network that allows for high-value bank transfers.

According to Reuters, the police know of people who received the money from the central bank of Bangladesh, but do not know the identities of the hackers. This is partially because of the bank's cheap hardware — better network switches would have made it possible to trace exactly where the hackers were accessing the network from.

A bit more money spent on even a minor amount of security could've saved Bangladesh Bank over $80 million.
