Unidentified cybercriminals have reportedly hacked into the SWIFT system of NIC Asia Bank to steal money, exposing vulnerability in the information technology system of Nepali banks.
The Nepal Rastra Bank (NRB), the central bank, has confirmed the reported cyber theft which took place during the Tihar vacation, when all the banks and the central monetary authority remained closed.
“We, however, have not been able to confirm the amount of money that has been illegally transferred through multiple small transactions via SWIFT,” NRB Deputy Spokesperson Rajendra Pandit said.
SWIFT is a system that banks and financial institutions globally use to transfer money. It is said over 90 percent of fund transfers in the world take place through SWIFT.
The NRB on Sunday sent a team to the bank to take stock of the situation. “We have also written to international banks and central banks of different countries not to entertain transactions generated from NIC Asia,” Pandit said. “Account-holders need not worry as their deposits parked in the bank are safe.” NIC Asia Bank officials could not be contacted.
Bankers, on condition of anonymity, told the media that the attack on NIC Asia closely resembles the “biggest-ever cyber heist” that took place in Bangladesh.
In May 2016, cyber criminals had hacked into the computer of a Bangladeshi central bank official to make illegal payments via SWIFT.
The criminals had sent messages to the New York Federal Reserve seeking to transfer nearly $1 billion from Bangladesh Bank’s account, according to Reuters.
Most of the transfers were blocked but about $81 million was sent to a bank in the Philippines.
In 2015, a report prepared by the Russia-based computer security firm Kaspersky Lab had said international cybercriminals had attempted to attack financial institutions in Nepal using a malware called Carbanak.