Wi-Fi, hacking and the ‘Great Chilean Bank Robbery’

Gone! More than $10 million disappeared on May 24 from Banco de Chile as hackers employed new techniques to “obfuscate” the theft. Initiating the attack with a virus that forced the shutdown of over 9,000 bank branch computers and distracted security experts from the real thrust of the attack, the thieves managed to both disrupt bank operations and cover their tracks as they extracted $10 million, which ultimately ended up in a Hong Kong bank.

Following closely on the success of this attack, cyber thieves also attacked Mexican banking with great success, siphoning off hundreds of millions of pesos from several banks. By placing phantom orders and falsifying multiple accounts, the cyber bank robbers used the banking system’s SWIFT messaging system (Society for Worldwide Interbank Financial Telecommunications) to facilitate the attack, securely transmitting information and instructions through a standardised system of codes.

Based on a global network of banks which was founded in 1974, SWIFT allows rapid transfer of funds globally. However, the system handles enormous volumes of traffic each day, providing opportunities for fraudulent transactions from well-planned activities hidden in plain sight as normal banking transfers. Each day, more than 24 million transactions pass through the nearly 10,000 banking and financial institutions globally.

SWIFT relies on an eight or 11-character code, called the bank identifier code (BIC) or SWIFT ID, to effect the transfers. The enormous number of daily transfers requires automation which heretofore provided a secure means of transfer. The growing number of SWIFT transactions worldwide and implementation of automation and new software solutions has also opened new opportunities for cyber thieves.

In the US, well-funded advanced Russian cyber hackers have developed new measures to infiltrate home Wi-Fi. These hackers are using known weaknesses to gain access to home routers, to gain access to personal credentials and private information. Once inside the router, these criminals have access to all the devices connected to your system. Entry allows these cyber thieves to identify other vulnerable devices, access all device configurations and information and map the internal network. After accessing usernames and passwords, criminals are able to act as network administrators and continue to harvest additional critical information, including modifying firmware and operating systems, reconfiguring the system, and spying on all additional network traffic. Where will your information end up? Ultimately, all of your traffic will end up passing through and being stored on Russian-controlled servers for future malicious activity.

How can we protect ourselves? Firstly, update your router’s firmware. To do so, use your browser to find the router’s admin page. From there, find the “Advanced” or “Management” section to look for firmware updates. Download the new updates and apply them to your system. To be safe, you will need to check for firmware updates quarterly. To update the firmware, you will need your router’s password. If you have forgotten the router administrator password, you can find the information online at the router manufacturer’s site, which provides another reason for you to change the password!

With the FIFA World Cup underway, another attack vector is being employed to target football fans as they travel to Russia for the games. Researchers are constantly uncovering new opportunities for hackers to access personal data from mobile phones, tablets, laptops, or other personal electronic devices.

In early June, William Evanina, director of the US National Counterintelligence and Security Centre, issued a statement saying, “Anyone traveling to Russia to attend the World Cup should be clear-eyed about the cyber risks involved.” British security agencies issued similar warnings to their citizens traveling to the games, as have other private security experts.

Criminal organisations have actively been performing ransomware and other malware attacks, which have disrupted shipping and production lines of countries across the globe, including several in India. The widespread proliferation of commercial malware makes it far easier for international criminal networks to instigate attacks and change their tactics before their threats can be recognised.

The recent summit of US President Donald Trump and North Korean leader Kim Jong-un may have reduced the threat of nuclear confrontation, but is sure to raise the stakes in aggressive cyber operations, where countries such as Russia, China and Iran, as well as North Korea, will continue to develop and use low-cost cyber tools to achieve long-range strategic objectives, and finance future attacks. North Korean cyber experts reportedly developed and launched the WannaCry ransomware in May 2017. Additionally, US officials assessed that North Korea conducted the cyber theft of $81 million from the Bank of Bangladesh in 2016.

Closer to India, China is expected to continue significant cyber operations against private industry, defence contractors, IT and communications services and companies, as it increases espionage activities worldwide. This may also extend to collecting information on individuals. In addition to updating your router’s firmware, be sure your personal information is safe by following these cyber precautions:

1. Watch for impersonators trying to collect your data online! These “phishing” attempts can come in emails assumed to be from banks or other activities in which you are engaged but may have false or alternative addresses in the “links” to reply in the emails. Never click on a link in an email. It is always best to use your browser to find the real bank or institution.

2. Encrypt your data using encryption software whenever possible.

3. Make sure you back up your important information on the Cloud or a separate storage drive in case your computer is corrupted with ransomware.

4. Keep passwords private and use strong passwords to protect your devices.

5. Don’t overshare your data on social networking sites.

(Iyengar is Distinguished Ryder Professor and Director, School of Computing and Information Sciences, Florida International University; Miller is Associate Director, Robotics and Wireless Systems at Discovery Lab, FIU; Madni is Distinguished Scientist, UCLA Electrical and Computer Engineering Department)