Recently, a group of hackers learned the hard way that the devil is in the details. And in this case, the only thing standing between a group of cyber criminals and a $1 billion dollar heist was the word "foundation."
The hackers were targeting the Bangladesh Central Bank and the New York Federal Reserve Bank. They breached the Bangladesh Central Bank's systems and stole its credentials, which they then used to bombard the NY Federal Reserve and move money to the Phillippines and Sri Lanka. A total of $81 million was moved to the Philippines before it was held up by a request to a Sri Lankan non-profit organization called the Shalika Foundation.
The problem that killed their scheme? The hackers misspelled Shalika Foundation as "fandation". This single mistake prompted routing bank, Deutsche Bank, to seek clarification from the Bangladesh Central bank which promptly stopped the transaction. There is no NGO under the name of Shalika Foundation. Reuters could not immediately find contact information for the organization. The high number of payment instructions and transfer requests raised suspicions in New York, and they also alerted Bangladesh. The Bangladesh Central Bank has billions of dollars in an account with the Federal Reserve, which it uses for international settlements.
The transactions that were stopped totaled between $850m and $870m, according to officials. The Bangladesh Central Bank has recovered some of the successfully-stolen $81m. They are working with authorities in the Philippines to try and recover the rest of the money. The global scale of the heist underscores the threat of cyber crime and the ability for hackers to infiltrate even the most secure networks. Months later, Bangladesh officials are still scrambling to trace the origin of the money. There is little hope of catching the culprits, and experts believe the attack originated outside of Bangladesh.
The New York Federal Reserve claims its systems were not breached, and has been working with the Bangladesh Central Bank since the incident occurred. Cyber security experts found hacker footprints on the Bangladesh central bank's systems.
Cyber crime has been on the rise in recent years. Last year, computer security company Kaspersky Lab estimated that a multinational gang of cyber-criminals stole as much as $1 billion from up to 100 financial institutions over the span of two years. Over a decade ago, Saddam Hussein's son Qusay stole $1 billion from Iraq's central bank in 2003 before the coalition began its bombing, according to American and Iraqi officials.