Bankers Bested by Better Bandits

Monday was Presidents Day, which is a federal holiday, thus sparing America, for twenty-four hours, at least, from the incompetence, ignorance and idiocy of the United States Civil Service. But as usual, federal holidays bring no respite for Gretchen or myself, since I have plenty of other clients to deal with; it’s simply a matter of booking their consultations solid every federal holiday from seven in the morning until six at night. My eleven o’clock appointment, for example, was Percy M. Filch, a senior partner in Steele, Filch and Robb, a K Street lobbying firm. True to his usual form, he had called for an appointment at the last minute on Friday afternoon and Gretchen only just managed to squeeze him in between an Argentine attaché who wanted to discuss the Cristina Fernández de Kirchner scandal and a tourism representative from the Malaysian embassy who needed advice on how to get people who aren’t from Malaysia to start flying on their airlines again.
Percy was his usual blasé self, entering my office in a nonchalant manner and perching with an air of serene entitlement on the couch in front of the the picture window overlooking the White House. Steele, Filch and Robb’s clients hail primarily from the financial sector, and he’s quite familiar with the concept of being too big to fail, nail or jail. “What can I do for you?” I opened.
“It seems, Tom,” he began, as he leaned back into the soft leather with a smug smile, “that computer hackers have ripped off some of our major banking clients for a few bucks.”
“How much?” I inquired.
“Oh, about a billion,” he replied, “give or take a couple of hundred million.”
“Oh that,” I acknowledged. “In other words, chump change.”
“Pretty much,” he shrugged. “Certainly nothing they can’t easily squeeze out of their customers, the Federal Reserve or the government. You’ve read the article in The New York Times, I assume?”
“Of course,” I responded. “But it was a bit… dated, actually.”
“Oh, really?” Filch wondered, his eyebrows arching ever so slightly. “The New York Times is usually on right top of things.”
“Not in this instance,” I informed him. “The Times basically ignored the story until Kaspersky Lab told them about it last week. On the other hand, the fact is, various sources in the network and computing media have been reporting on the story since last fall.
“That’s… interesting,” he commented, suddenly less sanguine. “Our client, The International Association of Multinational Commercial and Investment Banks, assures me that each and every one of their members has the finest information technology department personnel that India, Bangladesh, Indonesia, Singapore and Taiwan can provide.”
“I have no doubt about that,” I assured him, “none whatsoever.”


“Oh [expletive],” he gasped. “I’m not sure I like the sound of what you just said. How long, in fact, has this been going on?”
“Since at least 2013,” I revealed. “That’s when it was first reported that ATMs were spitting out huge piles of cash at random times, just when anonymous figures arrived to scoop them up and hurry away without being apprehended. At the same time, it has since been determined, millions upon millions of dollars were being transferred among fake respondents every day by wire transactions – the funny thing was, the money never really existed. Unsuspecting bank customers would suddenly receive huge increases in their account balances and just as quickly, those increases disappeared into other bank accounts opened in the names of people who recently died or perhaps never even lived. Then, poof! All the money was invested in gold coins which quickly disappeared; or put onto debit cards and spent on high-priced consumer items which were then rapidly sold at deep discounts out of the backs of trucks; or turned into Bitcoins and used to buy enormous amounts of illegal drugs; or, as I just noted, vomited out of ATMs into the gym bags of enterprising thugs who knew how to keep an appointment with destiny.”
“I see,” Filch remarked wistfully. “Not exactly high-speed trading in derivatives, but I gotta hand it to them – that is definitely some pretty slick action. Has anyone figured out how these guys managed to get into my clients’ computer systems in the first place, though?”
“Well,” I reminded him, “you know what kind of spineless, simpering sycophants work at your clients’ banks, don’t you?”
“Oh, of course,” he smirked. “That’s how the banking executives like them.”
“It seems,” I continued, “that the hackers knew that, too. They’d make up some kind of blithering gibberish and put it in a Microsoft Word document, then embed a piece of malware in that, attach the document to an email, fill in the From line so it appeared to have been sent by some bigwig at the bank, and make sure that email ordered the recipient to open the attachment and read it. And when they did, the embedded malware executed, running in the background, infecting their computer.”
“And when the recipient read that Microsoft Word document?” Filch wondered. “After they saw it was nothing but cockeyed nonsense, didn’t any of them ever check to see if the sender was really the bigwig the email said it was?”
“Of course not,” I vouched. “Not a single one of them in God knows how many banks, in the United States, Russia, Japan, Switzerland, the Netherlands or in twenty-six other countries. They all behaved exactly like the cowering, obsequious, unquestioning lickspittles which the bank executives had gone to so much trouble to hire.”
Considering my observations, Filch knit his brow. “Microsoft Word documents? Like I have at my office?”
“Microsoft Office,” I confirmed, “like clueless bankers have the world over.”
“Huh,” Filch grunted, half amused by the situation, “what the hell is wrong with [expletive] Microsoft security, anyhow?”
“What the hell isn’t?” I replied. “Tell your clients to have their IT geeks look for a PA exec file…”
“Oh [expletive],” Filch grumbled as he grabbed a tablet and began to take notes, “how do you spell that?”
“P-A-E-X-E-C,” I slowly intoned. “On infected machines, it will be in the Windows Catalog.”
“What does it do?” Filch asked.
“It allows remote machines to execute commands,” I explained as Filch slowly typed. “They also need to look for an S-V-C HOST dot E-X-E in the System 32 C-O-M-M Catalog directory, and for files with a B-I-N extension in any Mozilla data directories. Also, any file with an S-Y-S extension in Windows Services that has another file of the same name without that extension is suspect.”
“Okay,” he shrugged. “I have no idea what this [expletive] means, but I’ll read it verbatim to them and assume their computer wonks will understand it.”
“Oh, they will,” I confirmed. “And your clients will no doubt be convinced their Gucci-wearing lobbyist is some kind of technical genius.”
“That’s the kind of thing,” he chuckled, “that I pay you for, Tom.”
“You’re welcome,” I answered with my best bland and noncommittal voice.
“Well, hey, from what I’ve been told,” Filch observed, “it’s only about ten million bucks per bank.”
“Chump change,” I reiterated. “Apparently, they knew enough about banking to realize that a missing ten million dollars could go for months, even years, before anyone at a typical bank would ever even notice.”
“True,” he admitted. “But actually, you know, if their controls were any more stringent than that, it would make it too easy for the regulators and auditors to catch… um… uh… you know, the little things bankers do to make their… ah… pocket money, as it were.”
“As it were… indeed,” I japed. “And this in a world where the public spits in disgust on a man who steals a loaf of bread from a Seven-Eleven to feed his starving family.”
“As well they should,” Filch self-righteously trumpeted, “after all, every educated person knows that the penalties for theft should always be inversely proportional to the amount stolen. But I’ll tell you what the real problem is, Tom, and the reason I’m here today. You see, the international banking industry isn’t worried about the money – what they’re worried about is their image.”
“They’re worried about their image?” I responded, astounded, as any sane and erudite person would naturally be.
“Absolutely,” he confirmed.
“And what aspect of their image,” I sought to confirm, “would they be worried about?”
“Well, obviously,” Filch stated in a somewhat flabbergasted tone, “they’re worried that this whole affair might make international bankers look kind of… well, you know… moronic… foolish… dumb…. that sort of thing.”
“You can’t be serious,” I objected.
“Of course I’m serious!” he insisted. “How could you think otherwise?”
“You expect me to believe,” I argued, “that after working for over forty years to remove every single control imposed on the international banking system since the Great Depression, and then totally raping the world economy to satisfy their megalomaniac concept of themselves as Masters of the Universe, bankers are actually worried about a bunch of nerds using laptop computers with coffee shop wi-fi connections to the Internet making them look stupid?”
“Um… yeah,” Filch mumbled uncertainly.
“Well,” I remarked, “Whiskey Tango Foxtrot? Don’t you think your clients’ accomplishment to date speak for themselves? Doesn’t the history of finance over the last thirty years conclusively demonstrate the monumental masturbatory mindlessness of every sort of banker, everywhere and anywhere they might be found? Seriously, my friend, what’s spitting in the goddamned ocean?”
“I think it’s the computer angle that bothers them,” Filch fretted. “They’re not really all that embarrassed about squandering the nest eggs of widows or plundering the life savings left to orphans and such – that’s just business as usual, you know, it’s their job to make big mistakes with little people’s money, after all, and so what, right? But when somebody uses the bankers’ own computers to hoodwink them, that’s different. When that happens, they’re concerned about confidence. I mean, how can the public maintain its confidence in a bunch of clueless, half-witted, bird-brained, air head imbeciles who can’t even keep a gang of pathetic, pimply teenage software dorks from stealing a billion dollars right out from under their pathetic gin-blossomed noses?”
“What confidence?” I shot back.
“Huh?” Filch exclaimed. “What do you mean, ‘what confidence?’”
“Your clients, the international banking community,” I pointed out, “surely do not, in fact, actually believe that any sane person with an IQ above room temperature has the least scintilla of confidence in their integrity, competence, honesty, character or brains, do they?”
“Well,” he harrumphed, “they… um… I… I am reasonably confident that they sort of like to think that, anyway.”
“All right,” I sighed, “in that case, let’s humor them, collect our princely remunerations and let them go on living in their kleptocratic fantasy world like the heartless, amoral well-dressed sociopaths they are, shall we?”
“Sounds like a plan,” he nodded enthusiastically, leaning in, exuding expectation. “What do you recommend?”
“Blame it on Congress,” I advised. “Nobody will have any problem believing that.”
“Okay, sure,” he grinned. “But… how?”
“Write stern letters to the relevant committee members and chairmen,” I explained, “complaining that there has been insufficient attention to regulations regarding cyber-security. Then issue press releases implying that political gridlock on Capitol Hill has left the United States, which should be setting an example for the rest of the world, sorely behind the curve, thus abandoning our banking system to a coterie of pitiless, avaricious, conniving manipulators shamelessly fixated on nothing but ruthless self-aggrandizement and wholesale larceny.”
“Well, sure,” Filch agreed. “That’s more or less what they were counting on. But what about the hackers?”
“Um… yes,” I continued, “those dastardly hackers, of course. Tell you what – better let me wordsmith a template for the press releases so it will be absolutely clear to the casual reader exactly to whom your clients are referring.”
“Oh, would you?” Filch beseeched, glancing at his watch. “Ah, [expletive], I’ve got to go. I have a power lunch date at Morton’s Steak House and I’d hate to be late.”
“No problem,” I promised as he rose and made for the door. “It would be a privilege to do so. After all, banking is the backbone of international prosperity.”