This situation involves a large bank that has recently installed a new software system for handling all transactions and account storage. An employee at the company developing the software programmed a “back door” into the system, and got another employee to unknowingly install it. Some weeks later, millions were stolen from a number of accounts at the bank. This situation was chosen to highlight the amount of trust that large corporations place in programmers of critical systems.
Programmers are quite capable of abusing extremely large and important systems without leaving a trace, and it is surprising that this sort of situation does not happen more often in today’s world. The paper provides an analysis of this type of cybercrime, possible ways in which such a crime could have been prevented, and the consequences of such crime in general. This paper shows that a complete reliance on a single computerized system makes it easier for such a cybercrime to occur. FBI Narrows Investigation of Safebank Incident (Associated Digress report)
REDMUND (AD) – The focus of the Safebank investigation shifted back to the headquarters of Microsloth Corporation, reported the FBI on Monday. The investigation had originally been conducted with the cooperation of international law agencies, in an attempt to track the location of the funds moving through accounts in Europe and the Caribbean. More recently the FBI reported, in a statement given Monday by case director Walter Navarre, that “Evidence has been collected linking the crimes to an employee of the Microsloth Corporation. ”
The Safebank incident began last Wednesday, October 17, 2001, when the management at a Safebank branch in Boston was contacted by a customer of the bank reporting that his account suddenly contained no more money. There was no record of any transaction carried out on the account, but when backup records were checked, it was determined that the account had indeed contained the specified amount. Safebank spokeswoman Alicia Delrey said, in an interview Monday, that “Safebank had no indication that a transaction of any kind had taken place.
The records showed a balance of approximately a half-million on one day, and the next day these funds were no longer present in the account. ” A comparison check conducted by the bank showed that similar actions had occurred on nearly two hundred other accounts. All accounts affected in this way contained in the range of half a million to a million dollars. Problems were assumed to have been the cause of a bug in the new transaction software installed by Safebank two weeks earlier.
The developer of the software, Microsloth Corporation, was contacted in relation to the problem. At this point, one of the Geneva branches of the Swiss banking giant UBS contacted Safebank with reports of fifty-two major transfers to unidentified accounts. These transfers consisted of amounts that matched exactly the amounts missing from certain Safebank accounts. An international alert was dispatched to banks worldwide. Within hours, a listing of accounts in foreign banks had been assembled that exactly matched the amounts missing from Safebank.
The FBI was called in to investigate the incident, while all accounts indicated were frozen. Initial investigations indicated that the accounts had been opened under a variety of assumed names, by a single individual. According to special investigator Shawn Murray, “although the accounts were not opened in person, we were able to determine, through reports given by bank employees and through bank terminal video recordings, that they were indeed opened by the same individual in all cases. ”
Investigations yesterday pointed to Wolfgang Schlitz, a former director of the Safebank transaction software project, as one suspect. According to FBI investigators, a current Microsloth employee, who is also a suspect, provided information pointing to Mr. Schlitz. Although Mr. Schlitz was unavailable for comment, the employee was identified as Bertrand Dupont, a senior programmer on the Safebank software project.
Apparently, Mr. Dupont was, while programming, given a precompiled code object by Mr. Schlitz. The object was intended to be integrated into a specific part of the system handling transactions. Mr. Dupont, in an interview yesterday, said “He told me it was a set of more optimized transaction classes that the optimizations team had produced. He was the boss, and the explanation sounded perfectly reasonable, so I didn’t suspect anything. The code worked fine, and I forgot all about it until now. ”
The FBI investigation is currently centering on Mr. Dupont and Mr. Schlitz as possible suspects although, according to case director Walter Navarre, “We have not ruled out the possibility of other, as yet unidentified, collaborators. ” “The scope of this crime is unprecedented; millions of dollars were taken without a trace. If it were not for the size of the transactions involved, we may never have noticed anything,” commented industry analyst Lancolm Hayes. “We should take this as a strong argument for better security controls on safety-critical sectors of the development industry,” he added.
