Hackers stole 2 billion rubles (over $31m) from correspondent bank accounts at the Russian central bank in a cyberattack, the bank confirmed on Friday (2 November). According to central bank official Artem Sychev, the cybercriminals attempted to swipe around 5 billion rubles, the Wall Street Journal reports. However, the central bank managed to stop them and recover some of the money.
"We can't say exactly when, but we can say today it was stolen," Ekaterina Glebova, an official at the bank's press office told The Wall Street Journal.
According to a report released by the central bank earlier on Friday, the hackers broke into a system that the central bank operates by faking a client's credentials, Reuters reports.
The banking institute said that it was able to retrieve $26m, part of which was reportedly frozen in other bank accounts that the hackers opened in order to move the money. In some cases, the bank said it was able to freeze transfers from the targeted correspondent accounts.
However, the report did not identify the cyber thieves or specify when the attack occurred.
"Cyber risks potentially can have severe implications for the financial system," the report said. "In this respect the efforts of credit institutions to improve their information systems and other risk management aspects, as well as information exchange on cyber-attacks with regulators and other market participants, gain more importance."
This cyberattack marks the latest in a series of attacks targeting financial institutions globally.
In February, hackers made off with $81m from the central bank of Bangladesh by targeting the bank's access to the global bank messaging service Swift. Ecuador was also the victim of a similar attack in 2015 in which hackers stole about $9m, according to a little known lawsuit. In December 2015, a commercial bank in Vietnam also suffered a cyberattack in which thieves attempted to steal funds using Swift.
Earlier on Friday, the Russian government claimed it had thwarted an attempt by "foreign secret services" to launch large-scale cyberattacks against its financial system on 5 December. The Russian Federal Security Service said that the hackers were planning to use servers owned by Ukranian company BlazingFast that is located in the Netherlands.
"The FSB is carrying out the necessary measures to neutralize threats to Russia's economic and information security," the security agency said in a statement.
According to Reuters, Russia's central bank said it was aware of the cyberthreat and was in contact with the FSB. It added that the "situation is under control" and that it had created a plan to counter any possible attack.
Since the US formally accused the Kremlin of orchestrating cyberattacks on the Democratic National Committee and other political organisations in an attempt to meddle in the US election in October, tensions have escalated between the two countries. Moscow has continued to dismiss the allegations.
The White House has said that President Barack Obama is considering a "proportional response" to the alleged Russian cyberattacks, adding that any possible action taken might not be announced in advance or disclosed to the general public.
US Vice President Joe Biden also told NBC News shortly after that "we are sending a message" to Russia and that the US has the "capacity to do it."
"It will be at the time of our choosing. And under the circumstances that have the greatest impact," Biden said at the time.