CASE STUDY

GROUP 2

Members:
Maliha Suhrawardy - 183012053
Famiha Suhrawardy - 183012052
Jarin Anan
Jannatul Ferdous
Umme Humayara Rahman

Course Title: Management Information System and E Commerce
Course Code: BUS304
Submitted to: Shafayat Hossain Chowdhury
Submission Date: May 14th, 2022

1. How did the hackers hack into Bangladesh Bank's System and how did they manage to steal the money?

Ans: The hackers cleverly carried out the hack on Thursday night. On Friday the New York bank was working but Bangladesh Bank was off, and by the time Bangladesh Bank came back online the Federal Reserve Bank was off, which delayed the whole discovery by almost three days. The hackers needed to transfer the money out of the New York Fed and send it somewhere, so they wired it to accounts they had set up in the capital of the Philippines. They chose 8th May, which was a huge national holiday across Asia, including the Philippines, so when Bangladesh Bank tried to contact the bank in the Philippines to ask it to block the transactions at its end, everyone was off because of the holiday and the transfers went through. The hackers took advantage of the different banks' schedules, which were all at odds with one another, so even when the banks discovered the hack they struggled to communicate quickly enough to stop it.

The hackers had broken into Bangladesh Bank's SWIFT system and made transfers, and almost all the money went to accounts in the Philippines. The hackers misrepresented themselves and sent a couple of dozen emails to a variety of Bank of Bangladesh employees with a supposed resume and an attached zip file. The zip file contained a document with malicious executable code that began running on those people's machines. When the employees opened and downloaded the malicious file, the hackers got access and moved from these computers to their ultimate target, the SWIFT terminals.
They basically dug through each machine for additional credentials and tried to jump from one machine to another, and as they moved through the organization they cleaned up behind themselves. They wiped their viruses from the computers and deleted the digital records so that there was no trace of them at Bangladesh Bank. The hackers also needed to bypass all the printed-out copies of the transactions. Every time a print-out was sent to the printer, they would simply overwrite the files that contained the content to print with zeros, so nothing would print and instead there was all this blank paper in the printer. With the traces covered, the heist was set to go.

2. Based on the class discussion on Security of IS, what measures could have possibly prevented this incident?

In 2016, Bangladesh Bank was attacked by hackers and lost almost 951 million US dollars. At that time, the bank didn't have even a basic security system. The security system used switches that cost only about 10 US dollars, whereas good-quality switches used to cost more than a hundred US dollars. If there had been a basic framework for the security of the information system, like the following, then the heist could have been prevented.

Information control:
General Control: The IT infrastructure should have been efficiently controlled through proper monitoring of the hardware, software, data security, implementation, and administration. If the employees had known that the printer was not working properly, the incident would have been prevented. Also, there was no particular security for data and there was malware in the software. If the switches had been more efficient, creating a separate network would have been easier. Even during the holiday, the SWIFT room should have been monitored by experts. All of this could have been avoided if there had been proper controls.
Application Control: The hackers entered the system without any problem and carried out what they intended. If the input and output had been monitored, it would not have happened.
Identity Management: The hack was planted by an email. If there had been a proper process for identifying unverified emails, the situation would not have arisen. Also, the hackers carried out various transactional processes. If there had been tight security for those processes, the hackers couldn't have performed the transactions.
Disaster Recovery Planning: The bank didn't have any plan for what to do in that situation. It took them days to stop the transactions because the US was on its weekend, and the bank was not able to suspend the transaction to a Philippine account because there was a holiday too. So the bank didn't have a plan for weekends in the US.
Access Control: When the hackers tried to make a transaction of such a huge amount of money, it should have been a highly secured process, for example with a password or biometric authentication, but it wasn't. So highly effective access control could have averted the situation.
Firewalls: The investigations of the heist claimed that there were no firewalls in the Bangladesh Bank security system. Firewalls could have protected the system from unauthorized users. The network of the SWIFT room should have been kept separate from the other networks.
Intrusion Detection System: This system could have detected the faulty email and warned the organization about the upcoming hacking.
Antivirus and Antispyware: If there had been strong antivirus and antispyware in the system, it could have identified the specific malware and deleted it immediately.

If these basic measures had been taken, Bangladesh Bank could have prevented the situation. Even after the big mishap, the bank didn't learn its lesson well.
As there is no strong three-tier security, the bank sends an email to the Fed (New York) and then the Fed calls Bangladesh Bank over the phone to confirm the transaction. This system is maintained only for Bangladesh Bank, so the security system is still not strong enough to handle such a situation.
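
Added example, not part of the original case study: the answers above describe print files overwritten with zeros and staff who did not know the printer was failing, so this sketch shows the kind of output monitoring the General Control point asks for by flagging blanked print-spool files. The file names, the 95% threshold and the sample data are constructed assumptions, not details of the bank's systems.

```python
import os
import tempfile

CHUNK = 64 * 1024
ZERO_RATIO_ALERT = 0.95  # assumed threshold for "almost entirely blanked"

def classify_spool_file(path):
    """Return 'empty', 'zeroed', 'mostly-zero' or 'ok' for one spool file."""
    total = zeros = 0
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(CHUNK)  # read in chunks so large jobs stay cheap
            if not chunk:
                break
            total += len(chunk)
            zeros += chunk.count(0)
    if total == 0:
        return "empty"
    if zeros == total:
        return "zeroed"
    if zeros / total >= ZERO_RATIO_ALERT:
        return "mostly-zero"
    return "ok"

def scan_spool_dir(spool_dir):
    """Map file name -> verdict for every suspicious file in spool_dir."""
    findings = {}
    for name in sorted(os.listdir(spool_dir)):
        path = os.path.join(spool_dir, name)
        if os.path.isfile(path):
            verdict = classify_spool_file(path)
            if verdict != "ok":
                findings[name] = verdict
    return findings

def demo():
    """Write constructed sample spool files to a temp dir and scan them."""
    with tempfile.TemporaryDirectory() as d:
        samples = {
            "job-001.prn": b"CONFIRMATION 0001 AMOUNT 100.00\n",  # normal job
            "job-002.prn": b"\x00" * 4096,                        # fully blanked
            "job-003.prn": b"",                                   # truncated
            "job-004.prn": b"\x00" * 990 + b"TRAILER\x0c\n\n",    # partial wipe
        }
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return scan_spool_dir(d)

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"ALERT {name}: {verdict}")
```

A check like this is only useful if its alerts reach someone outside the monitored machine, since the case study notes the intruders also deleted local records.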