Security requires a defense in depth strategy. In this case one hack that flipped a bank's DNS addresses to impostor sites set the ball in motion for a complete digital channel heist. Remarkable.
While no doubt this was a pre-planned sophisticated attack, it is clear that if they deployed a mutual and simultaneous authentication tool that was integrated with a communications layer that went beyond TLS the heist would have failed.
How Hackers Hijacked a Bank’s Entire Online Operation by wired.com
