New York Federal Reserve Deflects Responsibility for $100 Million Cyber Heist, But Were Casinos Money Launderers?
Posted on: March 9, 2016, 11:28h.
Last updated on: March 9, 2016, 11:34h.
The New York Federal Reserve says it was involved in no wrongdoing in what appears to be a successful $100 million cyber heist last month.
On February 5, hackers looted the Central Bank of Bangladesh’s Federal Reserve Account, stored in Manhattan, by scheduling a $100 million wire transfer through the Society for Worldwide Interbank Financial Telecommunications network (SWIFT).
What happened next depends on who you believe.
The general understanding, however, is that the funds were promptly delivered from the Federal Reserve to Philippines bank Rizal Commercial Banking Corporation (RCBC), and then distributed through a black market foreign exchange broker, before being laundered internationally through at least three casinos.
New York Federal Reserve boss William Dudley said no compromise was experienced on his end, and that the responsibility needs to be placed on SWIFT.
“The payment instructions were fully authenticated by the SWIFT messaging system in accordance with standard authentication protocols,” Dudley spokeswoman Andrea Priest said in a press release.
Bangladesh authorities argue otherwise. “We kept money with the Federal Reserve Bank and irregularities must be with the people who handle the funds there,” Bangladesh Finance Minister Abul Maal Abdul Muhith explained to Bloomberg News.
Swift Action
Muhith told reporters on Tuesday that his country will take legal action to recoup the stolen funds, but didn’t go so far as to threaten an actual lawsuit against the NY branch (there are 12 in all) of the American federal banking system. Now more than a month since the alleged theft, and no party has yet taken the blame, to no one’s surprise given the potential legal repercussions.
Belgian-based SWIFT said it wouldn’t comment on individual cases, but did say that it authenticates “between sending and receiving institutions” before approving any transaction.
RCBC has also denied involvement, saying that it doesn’t work with gambling enterprises. The bank did confirm an $81 million deposit was completed through one of its branches and that its investigations division is probing the transfer.
Back in the US, the Fed says it’s working with the Bangladesh Central Bank, but retains its position that there’s no evidence the country’s account was breached.
The Federal Reserve in Manhattan provides banking accounts and transaction services for some 250 foreign countries. Bangladesh’s foreign currency reserve balance is currently around $27 billion.
More Safeguards Needed
While a $100 million transfer at your local community bank would certainly raise plenty of eyebrows, it likely didn’t cause much suspicion at the NY Federal Reserve, where more than $2.6 trillion in assets is (supposed to be) safeguarded.
Assuming the Bangladesh heist was indeed performed by criminals and not an inside job, the robbery should emphasize the continued need to create more sophisticated cyber safeguards. The largest Federal Reserve in the United States being so easily compromised is surely reason for much concern for just about everybody.
In fact, other federal institutions are taking proactive measures to better defend their operations online. Earlier this month, the Pentagon invited vetted hackers to try and infiltrate its private network and public websites.
“Hack the Pentagon” is a bounty competition where approved hackers are rewarded for infiltrating and exposing areas prone to intrusion.
“I am confident that this innovative initiative will strengthen our digital defenses and ultimately enhance our national security,” US Defense Secretary Ash Carter said of the certainly unusual, but apparently much-needed, program.
No comments yet