DHAKA: Three hacking groups “are still lurking” in the network of Bangladesh’s central bank, putting the bank at risk of further attacks about three months after it lost $81 million in a cyber heist, according to a report by US computer security firms investigating the theft.

“There are some residual risks that the governor and board should understand, namely that Bangladesh Bank network is still not secure, and there exists a possibility of malicious acts by hackers,” said the report from the experts hired by Bangladesh Bank, parts of which were seen by Reuters.

The source who shared the document declined to provide access to its full contents, saying that the release of some details could hamper a multinational effort to catch the criminals and recover funds stolen in the February cyber attack.

Bangladesh Bank has declined comment on pending investigations into the heist. Asked about the report, a spokesman said: “We have engaged forensic experts to investigate the whole thing, including this.” He did not elaborate.

Investigators have determined that one team of hackers, dubbed Group Zero in the report, was responsible for the heist and remained inside the network, the report stated.

Group Zero may be seeking to monitor the ongoing cyber investigations or cause other damage, but is unlikely to be able to order fraudulent fund transfers, the investigators wrote.

Two other groups are also inside the bank’s network, which is linked to the SWIFT international transaction system, the report found. One of the two is a “nation-state actor” engaged in stealing information in attacks that are stealthy but “not known to be destructive”, the report said.

The report, which was submitted earlier this month, did not further identify any of the groups.

A spokeswoman for SWIFT said she was unable to comment on the report.

SWIFT warned on Thursday of a malware attack on a commercial bank it did not name, similar to the hack at Bangladesh Bank.

Published in Dawn, May 14th, 2016

Opinion

Editorial

Judiciary’s SOS
Updated 28 Mar, 2024

Judiciary’s SOS

The ball is now in CJP Isa’s court, and he will feel pressure to take action.
Data protection
28 Mar, 2024

Data protection

WHAT do we want? Data protection laws. When do we want them? Immediately. Without delay, if we are to prevent ...
Selling humans
28 Mar, 2024

Selling humans

HUMAN traders feed off economic distress; they peddle promises of a better life to the impoverished who, mired in...
New terror wave
Updated 27 Mar, 2024

New terror wave

The time has come for decisive government action against militancy.
Development costs
27 Mar, 2024

Development costs

A HEFTY escalation of 30pc in the cost of ongoing federal development schemes is one of the many decisions where the...
Aitchison controversy
Updated 27 Mar, 2024

Aitchison controversy

It is hoped that higher authorities realise that politics and nepotism have no place in schools.