LISTEN LIVE KPR - On Air: Listen Live to classical, jazz and NPR news Schedule LATEST
KPR 2 - On Air: Listen live to KPR's all talk-radio service, KPR2 Recordings

Share this page              

$81 Million Bangladesh Bank Heist Sparks Push For Stepped-Up Cybersecurity

A vendor counts bank notes at a market in Dhaka, Bangladesh.

In the wake of a spectacular $81 million heist involving Bangladesh's central bank, the top official for the messaging system used to move billions of dollars every day throughout the global banking system says he's going on the offensive against cybercriminals.

Gottfried Leibbrandt, chief executive of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), announced the plan today in Brussels.

The SWIFT messaging network links banks all over the world via what's been thought to be a highly secure means of sending instructions for money transfers. But Leibbrandt acknowledged at least two security breaches in addition to the Bangladesh theft in February. In one case, hackers stole $12 million from a bank in Ecuador. In another, they tried to steal money from a bank in Vietnam but were unsuccessful.

"The Bangladesh fraud is not an isolated incident," Leibbrandt said. "This is a big deal." According to the written version of his speech, Leibbrandt said that "the same modus operandi" was used in all three.

In the Bangladesh case, hackers tried to make fraudulent transfers totaling nearly $1 billion from the central bank's account with the Federal Reserve Bank in New York. Most of the payments were blocked, but $81 million in transfers went through. Investigators believe the stolen money was transferred to accounts in the Philippines.

The Federal Reserve has said in a statement that there is no evidence the hackers attempted to penetrate its systems. But, the Fed said, "the payment instructions in question were fully authenticated by the SWIFT messaging system." According to security experts with the British defense contractor BAE Systems, it appears that hackers were likely able to penetrate software that SWIFT provides to banks.

A post on BEA's Threat Research Blog said that:

"The general tools, techniques and procedures used in the attack may allow the gang to strike again. All financial institutions who run SWIFT Alliance Access and similar systems should be seriously reviewing their security now to make sure they too are not exposed."

Leibbrandt said SWIFT is "calling for a collective effort in our global financial community to reinforce the security of our entire, shared system." He laid out initiatives to help banks detect fraudulent payments before it's too late. SWIFT's website states that the five-part plan includes efforts to:

  • Improve information sharing among the global financial community;
  • Harden security requirements for customer-managed software to better protect their local environments, enhance our guidelines and develop security audit frameworks for customers;
  • Support banks' increased use of payment pattern controls to identify suspicious behavior; and
  • Introduce certification requirements for third party providers.

Former SWIFT chief executive Leanard Schrank says it appears that SWIFT's security efforts have not kept up with hackers' increased sophistication and that SWIFT officials have a big job ahead of them to restore the messaging system's reputation.

"They really have to earn that credibility back," he told Reuters.

Copyright 2016 NPR. To see more, visit

Tower Frequencies

91.5 FM KANU Lawrence, Topeka, Kansas City
89.7 FM KANH Emporia
99.5 FM K258BT Manhattan
97.9 FM K250AY Manhattan (KPR2)
91.3 FM  KANV Junction City, Olsburg
89.9 FM K210CR Atchison
90.3 FM KANQ Chanute
96.1 FM K241AR Lawrence (KPR2)

See the Coverage Map for more details

Contact Us

Kansas Public Radio
1120 West 11th Street
Lawrence, KS 66044
Download Map
785-864-4530 (Main Line)
888-577-5268 (Toll Free)