Menu close

The new bank robbers are sitting behind a screen

Organised crime and rogue states are the leading actors trying to defraud banks of money through cunning digital fraud. The banks are forced to devote more resources to prevention

15. Jun 2022
5 min
Af Regner Hansen

Hand over the money or I’ll shoot! The traditional bank robbery in a branch on the street corner is largely passé. The number of physical branches has shrunk, and banks are generally unable to give out cash at a moment’s notice.

This form of crime has just as quietly moved over to the Internet. Especially in the last 5-8 years, cyber bank robberies have increased.

The U.S. firm Advisen, which advises on data and security, estimates that banks have suffered losses of 12 billion dollars (DKK 84 billion) due to cybercrime since 2000.

Jane Fraser, CEO of the banking and finance group Citigroup, calls hacking the biggest threat to the U.S. financial system.

Experts explain that digital bank robbery is more attractive than a classic stickup because the perpetrator does not have to show up at a bank and run away with the money without being discovered.

‘It is now possible to steal from a distance. Geography does not matter. They avoid the risk of incurring physical harm. There is also access to far more money in a bank’s holdings than what a branch may have in cash’, says Natasha de Teran, who is a researcher in cybersecurity at the Carnegie Foundation based in London.

The Soviet Bloc and North Korea

The new wave of cyberbank robbery is driven by organised crime, which is either sanctioned by the authorities as a result of corruption or is actually in cahoots with national authorities.

Most known cases have their origins in countries in the former Soviet Union or the Eastern Bloc in Europe.

Jason Passwaters, founder and CEO of the U.S. security company Intel 471, explains that a business model around cybercrime emerged amongst local mafia groups as the technical aspects matured. The purpose is a mixture of actually stealing money and laundering money from other criminal activity.

John Meyer paints the same picture. He is the Department Head of the U.S. company Cornerstone, which advises banks and other financial companies on technology and management. John Meyer adds that some of the perpetrators are well-trained people who already have certain digital skills.

‘The hackers are no longer pimpled teenagers who want to show off. They might be academics who have returned to their home country and cannot get a legitimate job, while simultaneously being burdened by debt for their education’, says John Meyer.

Bankrøvere bag skærmen

In addition, according to experts, cyber bank robberies are perpetrated by rogue states, such as North Korea, which are trying to infiltrate the treasury along the way. There are several examples of digital attacks that can be linked to the North Korean state. China is also mentioned.

A back door to the inside

The subtle methods of cyber bank robbers fall into several categories. The most common approach is phishing, where fraudsters try to defraud bank employees (or customers) with important information about identity and codes and tap money in an improper manner this way. The fraud is typically done through fake emails.

A particularly popular trick is to create an email message that appears to come from a member of the bank management asking to correct an “oversight”, namely to transfer a specified amount to an account to pay for a “charge”.

In some cases, the perpetrators succeed in getting the victim to download malicious software (malware) that opens a back door to the bank’s digital interior.

The world’s largest bank robbery to date was perpetrated precisely by using the back door method. The robbers took USD 81 million (about DKK 560 million) in 2016 when they took money from an account that Bangladesh’s central bank had in the U.S. central bank and moved it to their own accounts in several countries in Asia.

John Meyer states that it is also common amongst cyber bank robbers to take advantage of the fact that many people forget to log out when they have been in the online bank.

Banks are also increasingly the target of ransomware attacks. This is a situation where unauthorised persons gain access to an IT system, encrypt the files, then demand an amount to release them again.

Another tactic consists of cyber bank robbers manipulating websites that experience has shown banks often visit.

The focus is on the banking partners

When it comes to preventing digital bank robberies, experts call for a special focus on third-party actors – i.e. actors outside the bank with which the bank has a firm relationship. It could be a partner who helps with web services and/or arranging payments.

‘If the partner is an integral part of the bank’s operations, and the partner’s security is not as good, then you can be sure that the perpetrators will try to strike at this weaker link’, says Jason Passwaters.