Latest Victim Of The SWIFT Attacks? A Nepalese Bank

SWFIT

Another bank has been hit in the string of cyberattacks that have been targeting the global SWIFT bank messaging system. The latest victim is a Nepalese bank.

The good news is most of the stolen funds have been recovered, two officials involved in the investigation confirmed on Tuesday to Reuters. All but $580,000 of the funds were clawed back — though it did take Nepal asking other nations to block release of the stolen money.

Cybercriminals have been targeting the SWIFT platform relentlessly since last year’s $81 million theft from Bangladesh’s central bank. That increased focus has made some defenses more vigilant against attempts at hacking such that many recent attempts have been repelled. But the attempts roll on and continue to target banks that have partnered with SWIFT.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a cooperative owned by its user banks — and at this time, it has no comment to offer on the NIC ASIA Bank hack. SWIFT says it won’t have one, because it does not discuss specific users. NIC ASIA Bank had no comment to offer either.

The chief of Nepal’s Central Investigation Bureau, Pushkar Karki, confirmed to Reuters that his agency was investigating. KPMG is also involved in the investigation, according to Nepali media reports, though no representative could be found for comment.

The central bank intends to release guidelines on how to thwart such incidents after investigations are completed, according to Chinta Mani Shivakoti, deputy governor of the Central Nepal Rastra Bank (NRB).

“The incident showed there are some weaknesses with the IT department of the bank,” Shivakoti said.