The classic bank robbery, in which cash is stolen under threat of violence, is increasingly becoming a thing of the past. Instead, hackers are trying to invade the network of banks and even central banks in the form of cyber attacks and withdraw amounts in the millions.
The biggest cyber bank robbery in history, $951 million, failed because of a tiny typo (recipient’s name was misspelled). Nevertheless, the hackers managed to capture 81 million US dollars from the Bank of Bangladesh.
According to the Russian IT security company Kaspersky, around 100 financial institutions worldwide have been robbed by cyber attacks in the last two years, with damage amounting to around 1 billion US dollars.
Banks and hackers are in a race that financial institutions all too often lose. As a consequence, the ECB has set up a reporting office for cyber attacks.
The process of Bitcoin loophole
Digital bank robberies, such as that at the Bangladesh Central Bank, usually follow a similar pattern: Hackers search for a vulnerability in the bank’s IT system and gain access to it Malware is being installed Access data is read out at the interface to the SWIFT system and a circumvention of the security measures is installed. On the day of the bank robbery, the malicious program becomes active and properly instructs the Bitcoin loophole via the SWIFT payment system. Details about the Bitcoin loophole can be found in this review.
To avoid being exposed, the malware disguises or manipulates all reports and logs so that only the hackers get information about the transactions and have enough time to set the money aside.
The fact that hackers are increasingly able to locate weak points in banks’ IT systems is partly due to the fact that their systems are often outdated and have in some cases already exceeded their lifecycles. In addition, a large proportion of the applications used are provided by external providers, making it difficult to keep track of and control one’s own IT security.
Avoiding cyber attacks with the news spy
The current incidents regarding the news spy of banks raise the question of whether new, decentralized IT solutions based on the blockchain would not make sense. After all, banks’ current IT standards no longer seem to be sufficient to ensure the news spy of bank deposits and prevent attacks on the central banking network.
If one were to make use of the logic of the blockchain, one could avoid the danger that a single computer could paralyze the entire transaction infrastructure of a bank or bank network by being infected with malware. If the money were transferred via a blockchain, there would be no danger that the banks’ IT systems would give different information about the transactions due to a hacker attack. The IT systems responsible for the transactions would be decentrally connected and cryptographically secured, so that no single central unit in the system would be able to fool the other IT systems or participants into believing anything.
What the concrete implementation of such a new IT security system, based on the blockchain, could look like is rather uncertain so far. Nevertheless, many banks, especially in the banking consortium called R3, are working together to look for possible applications for the blockchain technology. The cooperative banking network SWIFT, which regulates transaction traffic, is already working on decentralized solutions to increase IT security (click here for the article).
However, at this point we can also refer to a quote from Bill Gates, who said: “Banking is necessary, banks are not”. In this sense, bank customers can ask themselves the question of whether they want to use a bank to transfer money at all or not directly access a digital peer-to-peer currency such as Bitcoin.