New Attack Reported On Global Banking Network

[HardOCP News]

I still don't understand how things like this happen. And, while we are on the subject, I certainly don't know how the thieves could have been lurking inside the bank systems for months undetected. Who runs these things?

Thieves have again found their way into what was thought to be the most secure financial messaging system in the world and stolen money from a bank. The crime appears to be part of a broad online attack on global banking. New details about a second attack involving Swift — the messaging system used by thousands of banks and companies to move money around the world — are emerging as investigators are still trying to solve the $81 million heist from the central bank of Bangladesh in February.

 

[Deleted member 93354]

I know little in the details of SWIFT. But if It had good security, it would have a white list of computers. And if that white list issued a command, talk back to the banks central dispatch and confirm the command (verification to prevent spoofing IPs)

A central dispatch logger which records the transactions could then verify the machine it came from. (Also white listed by MAC and challenge response protocols)

 

[Deleted member 93354]

Any ways the thieves (unless already rich) are likely going to get caught eventually. They get cocky and stupid with their bravado of cracking a "safe" system. They think they won't be caught. Then they start spending a metric crap ton of money they didn't have before which ALWAYS raises eyebrows. It's the hubris of many a hacker, drug dealer, & lottery winner.

It's not like a painting you hide in a house somewhere. It's money. Money is spent or it's worthless.

 

[Sonicks]

Any ways the thieves (unless already rich) are likely going to get caught eventually. They get cocky and stupid with their bravado of cracking a "safe" system. They think they won't be caught. Then they start spending a metric crap ton of money they didn't have before which ALWAYS raises eyebrows. It's the hubris of many a hacker, drug dealer, & lottery winner.

It's not like a painting you hide in a house somewhere. It's money. Money is spent or it's worthless.

An attack like this isn't likely being perpetrated by anyone wanting to make money. Considering the target systems, these attacks are likely for disruption purposes. Delete the money, cause chaos. That's assuming an ordinary thief (or group of). It's simply too hard for me to imagine that someone would go to the length of finding a vulnerability with Swift just to start spending the money like they won the lottery. There's more to it than that.

If you consider that the attack may be originating from a country (like China, North Korea, etc...), then your point is moot. The money can and will be spent without anyone realizing it.