It takes a lot of time and planning to execute a cyber heist as big as what the world witnessed in 2016 in Bangladesh Central Bank. The attempt was organized and well-networked but somewhere along the way, it pointed out the failings of the digital security system and the loopholes that need to be addressed immediately. 

What Really Happened? 

With money being digitized at many stores now and a larger number of locations accepting digital money transfers from apps like Venmo, PayPal, or direct bank account transactions, it is obvious that the burden on the security system has drastically increased. 

However, even with the right measures in place, the hack was complex enough to manage several lines of attack without raising an eyebrow. The culprits were able to get access to the SWIFT system of messaging that the bank used for financial transfers. Consequently, they requested the New York Fed to transfer money to different bank accounts in South Asia. Moreover, they disables BCB’s printers so that the Fed was not able to confirm the identity before completing the transaction. By the time the system was up and running again, it was too late and the requested money had already been sent out. 

How Much Was The Security System At Fault? 

Needless to say, the banks are already using state-of-the art security systems to ensure that their client’s money and transactions are always safeguarded. The system might have been a fault at some level but, later on, analysts could point up how human error and failure on part of the authority paved way for such an unfortunate event. Some questions that arose later on included: 

• How did Riza Commercial Banking Corporation allow unauthenticated users to open accounts with fake documents? 
• Why weren’t the official guidelines followed for the installation and use of SWIFT that eventually results in security compromise? 
• Should the request via SWIFT be followed without confirmation with the BCB? 

If there is anything to learn from this event, it is that regardless of the security protocols and encrypted layers that banks and apps offer, users need to take some responsibility into their own as well if they wish to avoid scams and frauds that can happen in the digital world without any prior warning. Although money transfers are becoming more and more convenient with Apple Pay at widespread locations taking contactless payments and banks allowing you to send money to other accounts within seconds, there is a need to educate both, individuals and larger companies, on how to secure their data and finances. Cyber thieves are often able to exploit vulnerabilities in security procedures to their benefit. In order to curb serious losses, it is important to learn how to maximize defense and smart use of such technologies.