Bank robberies aren’t as exciting as they used to be when they were the stuff of Ocean’s Eleven style, or the coarser Bonnie and Clyde. No more black balaclavas or dead president masks. No more guns, no more physical threats. This is the age of the cyber thief, and Mexico’s recent $110-million bank heist didn’t even require a criminal to touch the money at all. With a push of a button it was gone--almost.
Gone, too, is the excitement of getting caught up in a bank robbery as dramatized on television. But the lack of physical excitement also means that no one needs to know when a bank’s been robbed. It’s all cyber, so it can all be kept on the down low.
That’s what happened when cyber bank thieves attempted to steal $110 million from Mexico’s Bancomext in January, and managed to keep the public from knowing until four months later.
According to Bloomberg, the cyber thieves are suspected of being North Korean and they infiltrated accounts in dozens of branch offices and then created phantom orders that wired funds to bogus accounts they set up. The accounts they infiltrated were at the Standard Chartered Plc accounts Bancomext uses for international wires.
And the North Korea suspicions arise from the fact that the transfers were disguised as donations from the Mexican bank to a Korean church.
The money never made it to its final destination thanks to some mid-level technician monitoring messages on the SWIFT network, and his alert came at a fortunate time: Banks in Korea were closed at the moment and Bancomext had enough time to reverse the wire transfers before the money was gone forever.
Mexico’s Central Bank has been rather lacking in measures to prevent cyber theft. That’s probably why the country’s domestic inter-bank payments system (SPEI) has lost $15 million in irregular transactions.
According to Reuters, phantom transfers have cost Mexican banks dearly, but silence reigns as banks try to avoid being punished for their failure to implement legally mandated protocols to guard against cyberattacks.
(Click to enlarge)
Mexico isn’t the only country dealing with cyber theft from banks. Related: Bitcoin Fights Back After Hitting Monthly Low
Two years ago, cyber criminals made away with $100 million from the Bangladesh central bank, by way of the New York Federal Reserve.
Ecuador's Banco del Austro and Vietnam's Tien Phong Commercial Joint Stock Bank were also victimized by hackers.
(Click to enlarge)
We don’t hear about it because banks don’t like to share—much like the American intelligence agencies don’t. While banks are necessarily wondering when the next boot is going to drop as cybercrime takes on a level that is increasingly difficult to combat, they’re also slightly (tongue-in-cheek) relieved that bank robberies are no longer physically flashy and very public. Balaclavas and machine guns make for runs on banks by jittery customers. With cybercrime, what depositors don’t know, won’t hurt them—so the logic goes.
But hackers are basking in this banking logic, and they’re counting on banks not sharing the threat.
By Charles Benavidez for Safehaven.com
More Top Reads From Safehaven.com