NIC Asia Bank

NIC Asia Bank, headquartered in Nepal, is a financial institution that became the subject of a significant cybersecurity incident in November 2017. On November 4th of that year, the bank experienced a targeted cyberattack against its SWIFT server, a critical system for international financial messaging. The attack occurred during a festival period and resulted in the issuance of unauthorized payment orders totaling approximately 460 million Nepalese Rupees. These fraudulent transactions were directed to recipients across six different countries, routed through intermediary banks, representing a substantial breach of the bank's financial transaction security protocols.

Following the discovery of the attack, NIC Asia Bank initiated a formal response by engaging external forensic investigators to examine the breach. The bank also collaborated with Nepal's central bank and relevant law enforcement agencies to manage the crisis and trace the illicit funds. This coordinated effort succeeded in recovering 400 million Nepalese Rupees, though 60 million Nepalese Rupees remained unrecovered. An internal investigation conducted by the bank revealed that staff members specifically assigned to SWIFT operations had misused a dedicated system computer for non-work related activities, a critical security failure that likely facilitated the attack. As a direct consequence, six employees were reassigned. The Central Investigation Bureau of Nepal subsequently launched its own inquiry to determine the full extent of security lapses and to investigate the potential involvement of both external hackers and internal actors in the planning and execution of the fraud.