My new book, The Eves of My Destruction is entirely a work of fiction but it has many kernels of truth. The technology explained in the story is real and while I took care not to reveal too many insider secrets, be aware if you read my book that similar events are taking place in the real world that should give you pause. In my novel, the protagonist in the story is accused of using his deep knowledge of the banking system to pull off a massive cyber-crime, stealing billions of dollars from multiple banks.
Until fairly recently, cyber fraud was usually targeted at individuals through identity theft. While very unpleasant for the individual victims, the scale of these crimes did not threaten the safety of the entire banking system. Now however, cyber criminals have stepped up their activities and are targeting thousands of accounts or entire banks. In 2016, nine thousand bank accounts at Tesco bank in England were attacked and almost four million dollars stolen. The bank quickly suspended all online debit transactions and refunded the lost funds to their customers but this points to a much larger issue. What if the criminals had succeeded in stealing funds from every one of their 136,000 accounts? What if every account had been drained to zero over night? Would the bank have survived without government assistance?
This is not hyperbole. Neither the bank nor the English banking regulators have shared how the crime was committed but this type of batch theft should give everyone alarm. While many of the cyber-attacks target overseas banks, the United States is not immune, despite the best efforts of banks and their security experts. In 2014, JP Morgan Bank suffered a major breach of private customer data including names, addresses, phone numbers and Tax IDs.
The SWIFT system, which is used to transfer billions of dollars every day and is featured in my book, suffered three significant hacks in 2016. SWIFT said in a statement that the attackers exhibited a “deep and sophisticated knowledge of specific operational controls” at targeted banks and may have been aided by “malicious insiders or cyber-attacks, or a combination of both.”
Eighty million dollars was stolen from the Bangladesh account at the Federal Reserve Bank of New York. The thieves were actually trying to steal one billion dollars but a typo alerted bank employees who were able to cap the theft. The money was laundered so successfully that while $60 million was recovered, $20 million disappeared completely.
The inspiration for my book comes from many sources, deep industry knowledge was a key but so was my own real world experience. My own bank accounts were hacked and only because I had taken the time to setup text alerts notifying me of changes to my bank balance was I able to quickly intercept the fraud. In a moment that was quite startling; at one time I was actually logged on to my bank account and watched the thief changing my private information in real time. This was also part of the inspiration for writing my story— my truth. Not only was it stranger than the fiction I would craft around it and it is more common than you think.