Nepal recovers 'most' of the money hacked from bank

KATHMANDU (Reuters) - A bank in Nepal has recovered most of the money stolen after its SWIFT server was hacked last month, two officials involved in the investigation of the Himalayan nation’s first reported cyber heist said on Tuesday.

Cyber attackers hacked the SWIFT server at NIC Asia Bank, a private bank based in the Nepali capital, and made about $4.4 million in illegal transfers to other countries, including the United States, Britain, China, Japan and Singapore, Nepali media said. The transfers were made last month, when the bank was closed for annual festival holidays.

Chinta Mani Shivakoti, a deputy governor of the Central Nepal Rastra Bank (NRB), said that as soon as the regulator was informed about the theft, it had requested authorities in these countries not to release payment of the stolen amount and had launched moves to recover it.

“Most of the stolen amount of money has been recovered,” Shivakoti told Reuters. “A sum of amount $580,000 is yet to be recovered,” he said without giving details.

The chief of Nepal police’s Central Investigation Bureau, Pushkar Karki, said his agency was investigating how the passcode of the bank’s computer system had been stolen and who was involved.

“We are still working on this,” Karki told Reuters.

Nepali media reports said consultancy firm KPMG was also involved in the investigation.

“The incident showed there are some weaknesses with the IT department of the bank. Once the investigation report is available we’ll provide guidelines to avoid such incidents in future,” Shivakoti of the central bank said.

SWIFT said it does not comment on individual entities.

A SWIFT spokesperson said: “When a case of potential fraud is reported to us, we offer our assistance to the affected user to help secure its environment.”

“We subsequently share relevant information on an anonymised basis with the community. This preserves confidentiality, whilst assisting other SWIFT users to take appropriate measures to protect themselves. We have no indication that our network and core messaging services have been compromised.”

Officials from NIC Asia Bank, one of dozens of private banks in Nepal, were not immediately available for comment.

Hackers stole $81 million from the Bangladesh central bank in February last year after gaining access to its SWIFT terminal, and the emergence of other successful and unsuccessful hacks rocked faith in a system previously seen as totally secure.

Additional reporting by Jeremy Wagstaff in SINGAPORE