We have corresponded with the banks to put each payment order on hold till our forensic probe ends

— Roshan Kumar Neupane, officiating CEO of NIC Asia Bank

Kathmandu, October 23

After the incident of hackers’ attempt to steal money through SWIFT banking of NIC Asia Bank came to light, the Nepal Rastra Bank today summoned IT chiefs of the banks offering SWIFT services and instructed them to be mindful of a few things to prevent such incidents from recurring.

Firstly, the banks have been told to ensure that the room and computers through which the SWIFT server is operated should have a well-protected security system.

Society for Worldwide Interbank Telecommunication (SWIFT) is a global financial messaging system through which thousands of banks and commercial organisations across the world transfer billions of dollars every day.

Secondly, the staff of the banks offering the SWIFT service should be able to directly contact the officials of the counterpart bank, where they are operating foreign currency accounts. “This will ensure that the counterpart bank will promptly inform or verify the order if they suspect any anomaly,” said Rajendra Pandit, joint spokesperson for NRB.

“Banks have also been directed to upgrade their security systems as per the instructions of SWIFT and manage security procedures properly to avoid such incidents.”

The instructions have come after hackers placed orders of payment in six countries by hacking the SWIFT server of NIC Asia Bank, which was noticed during the Tihar festival. NRB has already written to the counterpart banks of the concerned countries where the hackers placed the payment orders, to hold the payment orders until the investigation concludes.

Immediately after the incident, NIC Asia Bank shut down its SWIFT server and corresponded with the Standard Chartered Bank and Mashreq Bank in New York, where the bank is operating its foreign currency accounts, not to transfer the funds to any bank, as several orders might have been placed by hackers.

NIC Asia subsequently also invited a team from KPMG, India, for forensic investigation. The team, after arriving in the capital today, has already started looking into the matter.

According to Roshan Kumar Neupane, officiating CEO of NIC Asia Bank, initial investigation shows suspicious transactions of around Rs 50 million. “We have already corresponded with the banks to put each payment order on hold till our forensic investigation concludes,” said Neupane, adding it would take around a week to complete the investigation. “We have installed a new SWIFT server and transferred all the data to resume our SWIFT transactions.”

Neupane said the bank was trying to retrieve the funds that hackers might have transferred to banks. However, neither the bank nor the regulatory authority — NRB — are aware about how much funds might already have been released from the New York-based banks, in which case, it would be a loss for NIC Asia.

According to Pandit, NRB today summoned the president of Nepal Bankers’ Association and urged establishment of an IT security information desk in each bank to exchange any pertinent information, including any threats received, and the latest development on the technological front to make banking transactions more secure.

“It would have been better if proper security measures had been put in place earlier. Better late than never,” said Anil Keshary Shah, president of NBA.

READ ALSO:

• Swift codes targeted in few Nepali banks cyber attack