The Hacker

The history of computers can be divided into two parts: calculation and communication.

The concept behind any computational activity was, and is, to speed up and automate human actions. Primitive—and yet sophisticated—devices like the abacus were followed by mechanical adding machines and slide rules that took advantage of basic properties of numbers.

Stuff like the nature of logarithms, if you excuse the pun, which allowed a conversion between the simple operations of addition and subtraction and their more troublesome cousins, multiplication and division.

As computers became able to perform tasks that no one predicted one hundred years ago—such as allowing me to write this article, all the while spell-checking my work and letting me include pictures or video—the issue of communication became all-important.

Back in the days of MS-DOS, the operating system that drove the first IBM PC, a command line was the gold standard—a typed instruction, hit return on the keyboard, and the magic would begin. These days, whenever you see a black screen full of arcane commands being furiously typed by a geeky guy with a hoodie, you realize computer hacking is afoot.

Nerds relish in taking screengrabs of what is actually written as ‘code’—mostly it’s crap for downloading MP3s or some other trivial bullshit—grandmaster-level hacking it is not.

Hacks only became a thing as the comms side of computing expanded, first as monitors, printers, and other devices were hooked up, and then in the communications supernova of the mid-1990s, when computers got hooked up to the net.

Back then, you needed a modem to process the signal and comms were not for the fainthearted. Geeks mumbled about protocols and baud rates and your computer spoke to its siblings through the phone line.

Over twenty years before the mid-90s, the SWIFT system was created—the year was 1973, and log tables were the gold standard for mathematical calculation.

Log tables were look-up catalogs for logarithms and anti-logs, used to speed up manual computations. Electronic calculators were nail in the coffin for this laborious method of mathematical manipulation.

The SWIFT system was designed to replace TELEX and speed up international financial transactions—it took four years to go live. At around the same time, in 1975, something called Signalling System No. 7 was born. SS7 (which in German has the delightful name Zentraler Zeichengabekanal Nummer 7, or ZZK-7) is a protocol for routing international phone communications—made for simpler times, in recent years it has been cruelly hacked.

The first personal computer appeared in 1975, but it took some years for the fad to catch on—by 1983 there were two million, mainly playing games and performing three business operations: database management, spreadsheet operations, and text processing.

For twenty-first century hackers, the old SWIFT and SS7 protocols were the stuff of dreams. In an unconnected world, security was naive—within a bank, some staff members had appropriate credentials and dealt with the international routing of money—big money.

The great blackout—North Korea by night.

A couple of years ago, good old SWIFT was used in a classic hack, courtesy of a black hat operation originating, according to reliable sources, from North Korea—given the nature of the regime, the inference is that the hack was government-sanctioned.

The central bank of Bangladesh has its headquarters in the country’s capital, Dhaka. If you say it fast, ‘The Hacker’ sounds suspiciously like the city in question. I doubt the DPRK geeks will have made the link—rather, the choice of Bangladesh Bank (BDB) was driven by perceived poor security—banks in other developing nations were subsequently targeted.

D hack (sorry) was a multipart operation with many interesting features.

The first step was a standard phishing operation, similar to mails I get every day. A young, polite, and motivated banker sends in his resume—some obliging soul from the bank opens the attachment or perhaps clicks on a web link.

A virus is installed on a BDB computer and begins to prowl the internal bank network. It is searching for access to the SWIFT system and a strategy to get past the authentication protocol—it can do this in two ways: either by hacking the credentials or bypassing the request.

Forensic investigators established that the latter method was used—only eight bytes (eight characters, like the word COMPUTER) were replaced—that’s a pretty Zen hack.

The next step was to plan the financial heist. The hackers decided to steal one billion dollars from BDB by ordering transfers from its account at the New York Fed. Since the bank account held one billion, the plan was to steal the lot.

The choice of timing was exquisite. The transfer orders began on the evening of Thursday, local time, when the BDB staff had gone home for the weekend—in a Muslim country like Bangladesh, the weekend is Friday and Saturday.

New York began receiving requests in the early morning of Thursday due to the ten hour time difference. When the Bengalis returned to work Sunday, the NY Fed was shut for the weekend. A number of transfers were routed to the Philippines, where Monday was a holiday—the first day of the Lunar New Year.

Overall, the hackers had five days of confusion to play around with.

The BDB security system included a printer on the tenth floor that automatically supplied copies of all transactions—the hackers jammed the printer so that nothing at all was printed. When the bank staff solved the problem, the machine leapt into action, printing numerous queries from the New York bank to verify the transactions.

In the end, the hack ‘only’ succeeded in separating a hundred million bucks from its rightful owners—the people of Bangladesh. Mostly, that cash was laundered through casinos in Manila, which at the time had no regulation on the provenance of funds.

The washing of the hacked moneys is a tale for another day, but I cannot imagine it could take place without a substantial amount of corruption—the accounts in the Manila banks had five hundred bucks in them for over a year and suddenly received tens of millions. Go figure.

The hack was stopped for the most hilarious reasons when only ten percent of the transfer volume had been executed.

The Manila banks are located on Jupiter Street—the name coincided with an Iranian vessel on the US sanctions list, so the Fed queried it—not receiving a reply, it halted the transactions.

The second reason was even more amusing: the hackers tried to transfer several million dollars to the Shalika Foundation in Sri Lanka, a social services non-profit. As an aside, the organization was founded by Shalika Perera—the name undoubtedly derives from the Portuguese family name Pereira and the sexual meanderings of The India Road.

When the hackers wrote out the beneficiary, instead of foundation they spelt the word fundation.

Along with Dhaka and hacker, this has got to be one of the more subtle ironies of the dark web.

And surely the most costly pun of all time.

The India Road, Atmos Fear, Clear Eyes, and Folk Tales For Future Dreamers. QR links for smartphones and tablets.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: