Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bangladesh Bank, NY Fed Discuss Suing Manila Bank For Heist Damages (reuters.com)

Posted by msmash on from the it's-not-over dept.

An anonymous reader shares a report: Bangladesh's central bank has asked the Federal Reserve Bank of New York to join a lawsuit it plans to file against a Philippines bank for its role in one of the world's biggest cyber-heists, several sources said. The Fed is yet to respond formally, but there is no indication it would join the suit. Unidentified hackers stole $81 million from Bangladesh Bank's account at the New York Fed in February last year, using fraudulent orders on the SWIFT payments system. The money was sent to accounts at Manila-based Rizal Commercial Banking Corp and then disappeared into the casino industry in the Philippines.

2 of 29 comments (clear)

  1. Precedent by Anonymous Coward · · Score: 1, Interesting

    What court would hear this case? Philippines has already issued fines. If individuals (non-officers) within the bank choose to collude, can the bank be responsible if they meet minimum infosec requirements/regulations? And it's not like there are international cyber security regulations anyway. At the time, SWIFT was punk and didn't even strong recommend MFA.

    The need for an international court or tribunal, similar to maritime, is obviously necessary. But it will remain unadopted with the United States acting like morons and the rest of the world going along with it.

    I wonder how we'll behave in this regard after the singularity eliminates much of the purpose of the nation state.

  2. Re:Why is this an issue by FeelGood314 · · Score: 3, Interesting

    SWIFT is the accounting mechanism used by the banks between each other. The banks don't have physical currency that they move between each other it is all 1s and 0s like a crypto currency. When you do personal banking the receiving bank gets the 1s and 0s almost instantly and based on the nature of the transaction they have rules to stop the recipient from moving the money but as far as SWIFT is concerned the transaction can't be reversed. Now this type of transaction is extremely common for SWIFT and other than some one in Germany noticing* that the word "foundation" was miss spelled there was no reason for the transaction to be suspicious or even to be scrutinized. There might be some rules for the Philippines bank to stop the transfer to a casino but that's not something I would put a lot of faith in.

    *I suspect that some group within SWIFT knew the Bangladesh's central bank had terrible security and were looking at all transactions above a certain amount without telling the Bangladesh's central bank. It's just too lucky that someone just happened to notice something fishy. Central banks move hundreds of millions regularly to stabilize currency or to facilitate large state transactions. Their wasn't anything suspicious about these.