Federal Reserve Bank of New York President William Dudley said Friday the bank is working to improve cyberdefenses at the bank and abroad, following the theft of $81 million from Bangladesh's account at the Fed in 2016.
Continue Reading Below
Mr. Dudley said cyberrisk was a "particularly hard risk to evaluate," in part because cyberthieves are becoming more sophisticated and improving their tools as the banking industry catches up to their crimes.
Mr. Dudley's remarks at York College in Queens, N.Y., come as The Wall Street Journal this week reported federal prosecutors are building cases that would accuse North Korea of directing the theft from the Bangladeshi central bank's account at the New York Fed in February last year.
Philippine authorities in November returned $15 million of the $81 million stolen, after a Chinese casino operator there turned over money to the authorities.
"In the Bangladesh situation, their facilities were not secure," Mr. Dudley said Friday. "Someone executed a payment that looked completely authentic" in the network operated by financial-messaging system Swift, formally known as the Society for Worldwide Interbank Financial Telecommunication.
A spokeswoman for the New York Fed has said the bank can't comment on customer account activity, citing client confidentiality. But when news of the theft broke last year, the Fed said there was no evidence its own systems were compromised and that the orders it approved had been authenticated by Swift.
Mr. Dudley said the New York Fed phishes its own employees to test them on cyberawareness, and is working with international stakeholders to help ensure the cross-border payments system is more secure. The focus of that work is to make sure everyone understands their responsibilities in the global payments chain, he said.
In a statement last August, the New York Fed said about the case in Bangladesh that it was part of a team "working together to recover the entire proceeds of the fraud" and "bring the perpetrators to justice in cooperation with law enforcement."
By Katy Burne