INVESTIGATORS FROM BAE Systems examining the $81m cyber heist at Bangladesh's central bank in February have suggested that there may be a connection with the devastating attack on Sony Pictures Entertainment in 2014.
Global banking payments organisation Swift warned that at least one other bank was targeted by the attackers, which BAE suggested is a Vietnamese commercial bank.
Swift has claimed that the malware used in both attacks is similar, although no money was stolen from the Vietnamese bank.
The forensic investigation indicates that it was not an isolated incident, but could be part of a wider campaign targeting banks.
BAE has also suggested that the malware used in the attacks against both banks exhibited "the same unique characteristics" as software used in Operation Blockbuster, a campaign that dates back to at least 2009 and includes the Sony hack, according to a Reuters report.
Bangladesh Bank was robbed of $81m in February after attackers gained access to its Swift payments infrastructure and filed a series of payments to an account at the Federal Reserve of New York. Subsequent reports revealed that Bangladesh Bank's security was completely ineffective.
The attackers attempted to make payments totalling $951m, but were stopped when Deutsche Bank, one of the correspondent banks routing the payments, raised a query over an obvious mis-spelling in the beneficiary's name in one of the payments. The attackers had already set up accounts with banks in Sri Lanka and the Philippines to receive the loot.
Naturally, if the suggestion is that the hackers behind the attacks on the Swift payments system and Sony Pictures are one and the same, some may well conjecture that the secretive North Korean state is behind it.
The finger of blame was pointed at North Korea when Sony Entertainment was forced to take its entire corporate network down. The attack coincided with the release of a film lampooning North Korean leader Kim Jong-un, and messages purporting to be from the attackers suggested that this was the reason why Sony Pictures had been targeted. Or it may just have been a convenient cover.
The recent attacks on banks and the Swift payments system indicate some inside knowledge of Swift and the way in which it works, which isn't exactly common knowledge, and an ability to craft sophisticated, targeted malware to support the attacks.
But that's all pure speculation on our part, of course. µ
C3-PO, R2-D2, BB-8 and other Androids
Helpful cyber vigilante gets short changed by customer services
...you know, now it's less confusing...
Firm will no longer provide updates for its first Android mobe