Hackers stole IRs 960 million from Cosmos Bank of India from August 10-13. Lazarus Group of North Korea stole the amount by hacking data of the system of Cosmos Bank that has its headquarters at Pune, according to the Indian media.
The Indian media claim that the theft occurred as the Indian banks did not exercise caution despite being warned by the Federal Bureau of Investigation (FBI) of America. The North Korean hackers had tried to hack Nepali banks before hacking the Indian bank, according to the police that attribute the hacking of over Rs 460 million from NIC Asia Bank a year ago to Lazarus. The hackers got their hands on around Rs 40 million of the money stolen by hacking Swift code of the bank but could not take the rest of the money.
"The group has tried to hack system of three banks in the intervening period but to no avail," a police source told Setopati.
Nepali banks have not adopted necessary security measures despite repeatedly being targeted by international hackers.
Investigations showed weakness of NIC Asia Bank in the hacking of Swift code. The police source attributed the hacking to blunders by bank staffers. "We found that bank staffers did what should never have been done. Swift code is kept at three levels. Staffers of one level do not know password of the other. But we found that the staffers shared passwords of all three levels among themselves," the source claimed.
Investigations revealed that bank staffers were using Swift code even from home. "We found that the computer used to operate Swift code was used to even visit porn sites which should never have been done as doing so makes it easier for hackers to steal data," the source revealed.
The source claimed that Nepali banks are being targeted as they did not take necessary precaution. "Banks have not taken necessary precaution. The software used by NIC Asia then was also substandard."
NIC Asia had investigated the hacking in coordination with KPMG India. The investigation showed that the software used by NIC Asia was substandard.
Nepal Rastra Bank (NRB) Spokesperson Narayan Paudel said the central bank has made security audit mandatory for banks across the country due to the threat of hacking. "We have been regularly monitoring IT system to ensure that our banks are not hacked," Paudel said.
The government has yet to take initiative with the North Korean Embassy in Nepal despite repeated targeting of Nepali banks by the North Korean hackers. The Nepal Police had raised the issue with the Home Ministry but it got stuck there.
The Lazarus Group, that started with attacks on South Korean government agencies, have been responsible for some of the biggest cyber attacks in recent history. They are believed to have been responsible for 2014’s Sony hack and are also connected to the theft of US$81 million from the Central Bank of Bangladesh in 2016.
American cyber-security company Symantec suspects Lazarus may have also been responsible for last year’s Wannacry ransomware outbreak.