A bank in Nepal has recovered most of the money stolen after its SWIFT server was hacked last month, two officials, involved in the investigation of the Himalayan nation’s first reported cyber heist, said yesterday.
Cyber attackers made about $4.4mn in illegal transfers from NIC Asia Bank, based in the Nepali capital, by hacking the SWIFT server at the private bank, to other countries, including the United States, Britain, China, Japan and Singapore last month when the bank was closed for annual festival holidays, Nepali media said.
Chinta Mani Shivakoti, a deputy governor of the Central Nepal Rastra Bank (NRB), said the regulator had requested authorities in these countries not to release the payment of the stolen amount as soon as it was informed about the theft and had launched moves to recover it.
“Most of the stolen amount of money has been recovered,” Shivakoti said. “A sum of $580,000 is yet to be recovered,” he said without giving details.
The chief of Nepal police’s Central Investigation Bureau Pushkar Karki said his agency was investigating into how the passcode of the bank’s computer system had been stolen and who was involved in it.
“We are still working on this,” Karki said.
Nepali media reports said consultancy firm KPMG was also involved in the investigation.
“The incident showed there are some weaknesses with the IT department of the bank. Once the investigation report is available we’ll provide guidelines to avoid such incidents in future,” Shivakoti of the central bank said.
SWIFT said it does not comment on individual entities.
A SWIFT spokesperson said: “When a case of potential fraud is reported to us, we offer our assistance to the affected user to help secure its environment.”
“We subsequently share relevant information on an anonymised basis with the community. This preserves confidentiality, whilst assisting other SWIFT users to take appropriate measures to protect themselves. We have no indication that our network and core messaging services have been compromised”.
Officials from NIC Asia Bank, one of dozens of private banks in Nepal, were not immediately available for comments.
Hackers stole $81mn from the Bangladesh central bank in February last year after gaining access to its SWIFT terminal and the emergence of other successful and unsuccessful hacks rocked faith in a system previously seen as totally secure.
LEAVE A COMMENT Your email address will not be published. Required fields are marked*
A battle for hearts, minds and ears in Nepal poll
Nepal gears up for elections amid fears of violence
Dahal’s son dies of heart failure
China begins feasibility study on cross-border rail with Nepal
Nepal musicians retune to traditional instruments
Nepal to have early warning facility to respond to disaster
Bomb hurled at Nepal candidate