One of the biggest private commercial banks in Nepal became the victim of a massive hack attack. Attackers hacked the Nepalese bank's SWIFT server and initiated $4.4 million in money transfers from Kathmandu-based NIC Asia Bank to accounts in other banks in foreign countries including China, Japan, the United States, the United Kingdom, and Singapore. The hackers chose the perfect time for their action, when the bank was closed for about five days for the annual festival Tihar.
NIC Asia Bank, which is based in Kathmandu, informed Nepal's central bank, Nepal Rastra Bank, which was able to recover about $400 million, but about $460,000 had already been released by the account holders at an overseas bank. NIC Asia authorized KPMG India, which provides services related to internal audit and corporate governance, to perform a digital forensic review, and involved the Central Investigation Bureau to investigate how the server was hacked, but the investigation has not been able to conclude whether the theft was the work of an insider or of an outside attacker.
Pushkar Karki, Deputy Inspector General of Nepal Police and chief of the CIB, is investigating whether the bank had proper security and which party was involved in the hacking. The heist targeted NIC Asia Bank's Nostro account, which was held in another bank to provide foreign exchange transactions.
SWIFT is generally a very secure medium for fund transfers, and more than 90 percent of fund transfers in the world are done via SWIFT, as it is spread over 200 countries, but there are repeated reports of hacks of SWIFT servers. $81 million was stolen from the Central Bank of Bangladesh's account at the Federal Reserve in New York. That incident raised alarm about SWIFT and led SWIFT to revise its security, but the heist on the Nepalese bank suggests that SWIFT servers still have gaps in their security. However, SWIFT denies that its network and messaging services have been compromised.
The only action that NIC Asia Bank has taken is to transfer the six staff members who were responsible for handling the SWIFT operation. But the damage possibly occurred not because of the teams handling the SWIFT operation but because the positions of head and deputy head of the IT Department were vacant. The vacant positions were being covered by junior staff. The junior team didn't have much clue when the hackers broke into the SWIFT system.
The Central Investigation Bureau and a team from Nepal Rastra Bank are now working together to take stock of the situation, and the report is said to be published when the study is complete. The involvement of the bank's staff is still being considered, as a report by NRB stated that it has not ruled out the responsibility of the bank's team in the attack, although the officials of NIC Asia have not provided any proper details regarding the involvement of the staff.