According to news reports, International hackers have stolen about Rs 40 crores from NIC Asia bank overnight. This NIC Asia SWIFT cyber heist was caught as the funds were not matching while checking after Laxmi Puja. As per newspapers, it is an attack on the SWIFT system of the bank. Some of the money has been recovered while the remaining amount is already transferred overseas. NRB has also contacted international banks to not settle funds sent from NIC Asia during the heist period. This whole incident has alarmed the whole Cyber Security and banking system of Nepal.
A few years back Kaspersky Russia reported international hackers trying to attack Nepali online banking space using malware. Some analysts also say that this NIC Asia heist could be a sign that hackers are attracted to Nepali banks. Nepal’s cyberspace and its cybersecurity have always been questioned by security experts.
The full form of SWIFT is Society for Worldwide Interbank Telecommunication. It is a messaging network for financial institutions used for international fund transfer and settlement. Each bank has special SWIFT codes that help to transfer money from one institution to another. For example, the SWIFT Code of NIC Asia is NICENPKA. As per reports, SWIFT was the vulnerability in this attack.
NIC Asia SWIFT Cyber Heist Details
From various Nepali newspapers, we read that the hackers did many small transactions to do this heist. In this way, they transferred about Rs 40,00,00,000. It is said to be one of the biggest cyber crimes in Nepal. Well, customers don’t need to worry because NIC Asia customers’ money is safe in their accounts. After all, this is not account-level theft. By the way, many thieves and hackers usually take small amounts of money from each account which accumulates to huge amounts and customers also don’t know. This is a common malpractice or activity.
Also Read: International Online Payment From Nepal
As of now, Nepal Rastra Bank has requested the central bank of other countries to stop the transfer of looted money from NIC Asia. NRB is also working with the bank to find out more details. It has also been reported that a large amount of the transferred amount has been recovered. According to some sources, it is due to a malware attack in NIC Asia’s SWIFT code system. Many other banks also suffered such attacks in the past which was bad.
All Nepali citizens are already aware of ATM forgery and theft. This a new additional threat that is now challenging everyone. Customers, banks, central bank should be aware now more than ever. As online banking and mobile banking are increasing we all should be very careful
Current Status of Nepali Banks
Many banks in Nepal don’t have EV SSL Certificates which is quite disappointing. We checked NIC Asia’s online banking site after the heist and it is just a normal SSL Certificate. Many security experts have pointed out and told us about banks having security vulnerabilities in their systems. The institutions usually don’t show eagerness to solve such issues.
There are many problems in the current situation. Online banking and e-banking are growing rapidly but the development of security solutions is very slow. You may be surprised but the ATM/Debit card swiping in shopping malls ATM booths is also filled with security threats. Scammers, hackers, and skimmers are in various places so we must be careful with every step. We suggest you be very aware while using your cards.
Card security is an old thing that is still relevant. Nowadays online banking and digital wallets in Nepal are on the rise. Those need serious attention because they are on our phones and PCs like laptops. We use them almost daily and we need to be super careful regarding them. Here are some advice that you can follow to make your online or digital banking safe.
Suggestions to make Online Banking Safe
- Always use genuine and updated Antivirus on your computer. Windows Defender/ Windows Security also works very well.
- Use Incognito mode while using online banking services.
- Keep strong long passwords with all types of special characters, numbers, and alphabet combinations.
- Use a virtual keyboard to be safe from keyloggers.
- Regularly change your passwords and PIN.
- Check for fake keyboards in ATM Stations and cameras on the machine.
- Cover your hand before dialing the pin in the ATM booth.
- If your bank’s website doesn’t have an SSL Certificate (Green Pad Lock sign on the left side at the address) then don’t use their service and complain about it.
- Never share information and credentials with anyone.
Nepal is in desperate need of a Police Cyber Cell with advanced technical power to cope with these and other criminal activities. Banking institutions also need to hire white hat hackers to find problems to patch them up. Overall we all should be aware and strengthen our account security as far as we can.