The behind-the-scenes story of a massive robbery at the Bangladesh Central Bank has been revealed. Hackers breached Bangladesh's cyber security to steal over $1 billion. The FBI is linking a North Korea-based hacking team called the Lazarus Group to the heist. The suspects include an individual named Park Jin-hyok. Philippine authorities have managed to recover some of the stolen money, but a huge amount is still missing. This incident highlights the cybersecurity vulnerabilities of banks around the world and warns that similar attacks could happen in the future.

When Zubair Ben Huda, the Bangladesh Central Bank's on-call supervisor, entered the 30-story headquarters building in Dhaka at 8:45 a.m. on Friday, February 5, 2016, he had no idea he was about to face the biggest robbery attempt in history.

Ben Huda took the elevator to the ninth floor and had just entered the "transaction room" of the Accounting and Budget Department, which only a few people are allowed to enter, when the printer that prints out messages showing Swift transactions suddenly broke down.

International Swift instructions could not be displayed while the on-duty supervisor, who had previously checked the device when it suffered minor malfunctions, tried to find the source of the problem. The technical team, moreover, could not be reached because it was a public holiday in Bangladesh.


Since the Central Bank of Bangladesh had not taken steps towards digitalization, this printer was vital: administrative staff sent messages over standard phone lines and other channels and filed printouts of large remittance instructions.

Efforts were made to fix the device, but to no avail, and transfers could not be viewed because of the public holiday. Speaking to officials, Ben Huda tried to clarify the situation, saying, "These small glitches happen all the time." However, the picture was not getting any better.

On February 5, no one even suspected that the incident could be related to a hacker attack. Unidentified hackers had infiltrated the bank's system and launched an unprecedented cyber-attack, with the sole purpose of moving billions of dollars controlled by the Central Bank to other accounts through a series of transactions.


The magnitude of the robbery began to emerge a day later. Bangladeshi officials who managed to get the printer working received three messages from the Federal Reserve Bank of New York. A Fed employee wrote to Bangladesh asking for an explanation about 46 payment orders received in the last 24 hours.

The Fed had never before received requests from the bank to transfer such large sums of money. It had been instructed to transfer nearly $1 billion.

"There must be a mistake," Ben Huda thought. The central bank rarely sent the Fed more than two or three payment instructions in a day, even during business hours.

The Bangladeshi authorities started going through the files to find out more. Which account did the money go to? The statements they could find were corrupted and unreadable. Realizing there had been a serious mistake, Ben Huda panicked and wasn't sure where to turn.

He called the organization's Brussels head office and emailed the head of the Swift tracing unit. He tried to reach the Fed in New York by phone, but the bank was closed for the weekend.

Answering questions during an investigation after the incident, the central bank's on-call supervisor said he sent emails and faxes to stop all payment transactions. Although no one realized it yet, they were facing the most daring bank robbery ever seen.

The hackers used charities, online casinos, fake bank accounts and a vast network of collaborators to withdraw the money.


Adrian Nish, director of intelligence at BAE Systems, a UK cybersecurity firm investigating the attack on Bangladesh Bank, said he found that the bank used "minimal" security systems.

Even for skilled hackers, the most convenient way to infiltrate the Swift system is through other member banks. Over the past three years, hackers have infiltrated the computer networks of banks in Ecuador, Taiwan, Vietnam, Poland, India and Russia, trying to send fraudulent payment instructions through the Swift network. Although various mechanisms have been put in place against hackers exploiting vulnerabilities, millions of dollars have been lost during this time.