Bangladesh’s central bank was vulnerable to hackers because it did not have a firewall and used second-hand, $10 switches to network computers connected to the SWIFT global payment network, an investigator into one of the world’s biggest cyber heists said.
The shortcomings made it easier for hackers to break into the system earlier this year and attempt to siphon off nearly $1 billion using the bank’s SWIFT credentials, said Mohammad Shah Alam, head of the Forensic Training Institute of the Bangladesh police’s criminal investigation department.
“It could be difficult to hack if there was a firewall,” Alam said.
The lack of sophisticated switches, which can cost several hundred dollars or more, also means it is difficult for investigators to figure out what the hackers did and where they might have been based, he added. The institute Alam heads includes a cyber crime division.
