Could Blockchain Have Prevented Bangladesh's Central Bank Hack?
This article by John Detrixhe for Bloomberg may be of interest to subscribers. Here is a section:
In the case of Bangladesh’s central bank, hackers used the Swift system to send messages to the New York Federal Reserve, instructing it to move the Bangladeshi bank’s cash into accounts in the Philippines. They impersonated bank officials to send the messages.
Skulduggery
Hackers also used malware to compromise the bank’s records, covering their tracks. That type of skulduggery, blockchain advocates say, would be immensely difficult using the encrypted ledger.
With blockchain, the statement of transactions is not kept in one place. Instead, the information is held on a network of computers that verify the data and keep each other honest.Hackers would have to break into the majority of computers on the network to cover their trail rather than just exploiting a single computer. For the biggest blockchains, such as bitcoin’s, that would mean hacking thousands of computers.
Swift has insisted that its core messaging service is secure and that the vulnerabilities are on the machines that interface with the network. Those computers are its members’ responsibility, the bank-owned cooperative says. Swift says its data center’s “golden copies” of transactions remained intact and could have been used to verify what had gone missing from the Bangladesh central bank.
The Bangladesh central bank hack was possible because sophisticated actors were able to take advantage of a comparatively unprepared institution to gain access to a global network of banks. It’s a classic Trojan strategy just on a much larger scale.
Blockchain represents a significant innovation in the potential for banks to process and record transactions in real time but I’m not at all sure it would have protected Bangladesh from this theft. The reality is that while blockchain has many attractive characteristics not least because of the cryptography that is built into the system, it still relies on passwords. If someone can manage to steal encryption keys, then you lose everything. In a worst case scenario that would mean money held on the blockchain would be akin to bearer bonds where the holder of the keys is the owner.
That represents a major challenge for companies seeking to integrate blockchain technology into the mainstream financial architecture. Meanwhile, the threat of cyber criminality is not going away. In fact it is likely to intensify as the cost of participation continues to drop and prosecuting offenders remains difficult.
If the free movement of capital is to be protected then payment processing and security are likely to remain growth businesses because all global banks will need to upgrade their infrastructure. .
Fiserv remains in a consistent medium-term uptrend, defined by a progression of higher reaction lows where support has been found in the region of the trend mean on successive occasions since 2011.
PayPal continues to range above the trend mean and will need to hold the $37 level if potential for additional higher to lateral ranging is to be given the benefit of the doubt.
UK listed WorldPay found at least near-term support in the region of the February low two weeks ago and moved above the 200-day MA last week. A clear downward dynamic would be required to question current scope for additional higher to lateral ranging.
Back to top