Malicious cryptanalysts tend to be in a different class. They are usually highly trained mathematicians, expert in the number theory needed to fully understand today’s encryption algorithms. Anyone with such a deep understanding of mathematics and computer science normally recieves plenty of respect and prestige in their regular day-job. There is no need to seek out extra-curricular activities to build up one’s ego and prove one’s worth. The only plausible carrot I could think of that would entice a trained cryptanalyst to forge EFT’s on the scale we were seeing was the promise of tremendous personal wealth. A pat on the back and a good story to tell at the bar simply does not measure up to the risk — no matter how lonely and unhappy a person might be.
Our hacker was after money. But how? He or she doesn’t steal any!
I looked at the directed graph splayed out on Rudy’s desk. What can someone gain from this? I racked my brain. Rudy Levinski’s bank occasionally rejects EFT’s simply to avoid being caught off-guard in managing their reserves. Could this attack have a similar motivation? Perhaps. The fact that some accounts were deprived of funds for a full day might be an indicator of tinkering with reserve requirements. Or obligations for interest.
Aha! That was it! I realized then that the hacker was probably helping himself or herself to overnight loans at zero interest. Not large loans, but lots of them. The total could be quite large even if the affect on individual accounts was small. Maybe stalling on payments was not the only way First Chicago Trust met reserve requirements. Perhaps when the bank needed lots of funds fast, a few illegal and surrepticious “loans” were taken out of other banks.
“Have you told us everything about meeting reserve requirements at First Chicago, Rudy?”
“Yes. Why do you ask?”
“Take a look at the graph. Not all of the bank accounts that the hacker uses to route money are balanced immediately. Many of the accounts remain below their proper levels for a full day. It appears that somebody or some institution is using these forgeries to obtain overnight loans without interest. If my hunch is right, we will find that the net affect of all of these forgeries is a large flow of money out of Bendix and into First Chicago.”
“I do not fault you for being quick to accuse my employer of wrong-doing, but I will be very surprised if you are correct, Mr. Raymond. For starters, I will point out that our delay tactics interfered with the forgeries. Even you will agree Carl that it is far-fetched to suggest that we would deliberately interfere with our own scam. Furthermore, I do not believe that my superiors would treat Ms. Cryer as roughly as they have if they knew the source of the forgeries.”
Suddenly I found his exceedingly polite manner grating. “Let’s take a look anyway,” I snarled, unconvinced by his argument.
We had only the confirmed forgeries to work with, and the banks were convinced that these represented only a small fraction of the full set of illegitamate EFT’s. Nonetheless, I was hoping that they would serve as reasonable sample from which to determine if the net affect was a large shift of money out of Bendix bank accounts and into First Chicago accounts.
Trying to track the money along a chain of bad EFT’s was next to impossible. Not only was the information we had very sketchy because the banks had not yet identified all of the forgeries, but the sheer number of EFT’s made the problem insurmountable. The hacker was using multiple EFT’s to deposit money into an account, and then using multiple EFT’s, of very different denominations, to transfer the money out again. Sometimes the in-flow was equal to the out-flow, sometimes it wasn’t. When the in-flow equaled the out-flow we figured the account was being used to launder money. When the in-flow was less than the out-flow then we figured we had an example of a “loan”.
After an hour and several cans of iced-tea, I was forced to concede that there was no pattern in the bad transfers. The hacker was routing money pell-mell between the two banks and even within the two banks. There were transfers between numerous accounts at First Chicago. There were transfers into First Chicago. There were transfers out of first Chicago. There were transfers everywhere.
The data did not support my theory. The delay scam and the forged EFT’s were indeed seperate attacks perpetrated by seperate entities. There would be no easy answers.