On 4th February 2016 Thursday, a day before Bangladesh’s weekend kicked off, 35 fake transactions from the Bangladesh Central Bank were sent in a matter of hours. The entire attack cycle, stretched over the next few days, ended when the funds reached the final destination on Monday 8th February 2016, the first day of Chinese New Year in Philippines.
The investigation of “TTP” (technique, tactics, procedures) revealed other attacks with similar characteristics – $12 million stolen from Ecuador’s Banco del Austro in 2015, and a foiled attempt at Vietnam’s Tien Phong Bank in May 2016.
Today, there is still no word on who was responsible, and Bangladesh Bank has retrieved only about $15 million, mostly from a Manila junket operator. What lessons can we learn from the Bangladesh attack? We spoke to Don Randall, MBE, who was Head of Security at the Bank of England in 2008, and the Bank’s first Chief Information Security Officer in 2013. Today, he continues as the Cyber Ambassador in various commercial areas
Tell us a bit about your experience in the private public sectors?
I served with the City of London Police from 1969 to 1995, with specific emphasis on fraud and counter terrorism before 13 years at JPMorgan Chase as Managing Director for International Security Manager for Europe, the Middle East, Africa and the Asia Pacific regions.
I joined the Bank of England in 2008 and was appointed the Bank’s first Chief Information Security Officer (CISO) in 2013.
The CISO role undertook 4 functions: Policy and Standards, Intelligence Investigation and Forensics, Education, and Support for the “CBEST” program, a framework defined in consultation with Her Majesty’s government…Click here to read full interview.
