April 26, 2016 by Tris Hussey

Bangladesh Central Bank Hacked Because They Used a $10 Router

Or Why You Need Professional Network Support

Honestly, I couldn't believe what I was reading when I saw this headline: Bangladesh Bank exposed to hackers by cheap switches, no firewall: police. Wait, what? The words "cheap switches" and "no firewall" have no business being anywhere close to the word "bank". Heck, any basic home router you get comes with a firewall that is automatically turned on. It might not be the best, hardcore firewall in the world, but it's there and turned on.

But this was a bank and not just any old bank, but the central bank for Bangladesh. This is like the US Federal Reserve getting hacked. This is serious business. This is threatening national security kind of business. So what freakin' happened?!?!

That, friends, is what a lot of people want to know right now. How did the part of the bank that handles SWIFT transfers have network security so crappy that it makes my home router look like Fort Knox? This story is going to play out for a while and you can bet that a bunch of people are going to get fired, but let's talk about the real problem—lots of people think they get network security and don't get experts in to make sure their secure network actually is.

There is a huge difference between home and enterprise network gear

At home, a basic router with its built-in firewall is fine. Your home network is protected from casual snoopers and script kiddies who are looking for kicks (assuming you keep the router's software updated, but that's a story for another day). Most of us don't need to go to extremes to protect our home networks. If you're running an international spy ring from your suburban bungalow, then you're in a whole different league (and probably in a spy movie, but I digress). The fact is that hackers aren't really interested in hacking your network; the juicy targets are businesses and governments. That's where the money and all things worth stealing are.

Which is why enterprise-grade network gear is in a league of its own. Enterprise gear has features like alerts, logging, proactive defensive triggers, and customization features that help sys admins protect their networks. A home router would fall like a domino under a true hacking attempt; corporate networks are built to withstand attacks and let people know when there is a problem.

The difference is like digging a ditch with a shovel versus a backhoe. Enterprise gear is designed to manage tremendous amounts of data and deal with the threats that companies face on a daily basis. Home gear just can't cut it—and it doesn't need to either. The thing about enterprise gear is that it isn't plug and play; it needs to be set up and configured by someone who knows networks, security, and that vendor's hardware, and who is constantly honing their skills so the company network remains secure.

Network security is hard, complex, and ever-changing

Dispel any illusions you have that you can plug in an off-the-shelf router and firewall and have a secure network. That is a fairy tale. Vendors say their gear is easy to use and simple to set up, but that means simple to set up for a professional. Network security is a discipline and profession of its own, and it's hard. Today's network professional has to worry about people trying to hack into the network and malware-infected machines within the network wreaking havoc. There is ransomware that can cripple a network if infected machines aren't isolated quickly. There is malware that opens backdoors in networks to let hackers come in and steal (or destroy) what they wish.

Yesterday's threat is old news; today there are a dozen that have taken its place. Fix one problem and two more are discovered to manage. When you're managing a network, there is no downtime. There is no International All Hackers Take a Break Day. Keeping a network protected, secure, and running without a hitch for the people who depend on it is a full-time job.

A job that must be taken seriously.

A job best not left to amateurs.

Which is what the Bangladesh Central Bank and SWIFT are being accused of in this multi-million dollar breach. Cheap, second-hand, home routers and switches being used for something that should have been using top of the line equipment. The equipment was so lacking for this task there aren't even logs for investigators to analyze to understand the attack. Monitoring? Nope. The glass room where the transactions were made wasn't monitored for problems 24/7 as it should have been. Basic security practices like logging out from secure terminals (or auto-log off after a certain amount of time) weren't being followed.

By all accounts, my home network is more secure than the Bangladesh Central Bank, and the solution was very simple: take security seriously, have experts come in to set up the network, have security experts monitor the network 24/7 for issues, and fix problems as they are discovered.

How secure is your network?

Not sure? Are your firewalls up to date? Is someone making sure hackers don't have access to your company files? Did you just order internet service, plug in a couple of WiFi routers you picked up on sale, and call it done? If I'm making you a little twitchy in your seat—good! Today every single business needs to take network security seriously.

But not everyone is a network security expert. Most businesses can't afford to have a full-time network person on staff. And that's where Microserve comes in.

How about you let us take a look at your network and see if there are some simple things that you can do to protect your company from hackers?

Your business is too important to risk being hacked because you set up your network yourself and hoped it was good enough.

Take a moment and contact Microserve and learn how we can help.
