Financial Crime World

Cybersecurity Risks in Finance Pose Major Concerns in Nepal

The growing reliance on digital transactions has created a perfect storm of cybersecurity risks for financial institutions in Nepal, leaving billions of transactions vulnerable to compromise.

Struggling to Keep Pace with Evolving Cyber Threat Landscape

Despite the increasing importance of ensuring financial system security, the Nepal Rastra Bank (NRB) appears to be struggling to keep pace with the evolving cyber threat landscape. In recent months, even leading financial institutions such as NIC Asia Bank have fallen victim to cyber attacks.

A Recent Example: NIC Asia Bank’s DoS Attack

In a reported DoS attack, hackers inundated the bank’s server with fraudulent requests, causing a slowdown in network performance and potentially compromising sensitive data. Fortunately, the bank’s system was able to withstand the attack without suffering significant damage.

Widespread Concerns and Vulnerabilities

However, these incidents are not isolated. Kaspersky Lab, a Russian-based computer security firm, has revealed that hackers attempted to launch cyber attacks against Nepal’s financial institutions in 2015 using the Carbanak virus.

Experts’ Warning: Immediate Action Required

Experts warn that financial institutions in Nepal must take immediate action to strengthen their cybersecurity measures. This includes:

  • Hiring a Chief Technology Officer (CTO) to oversee and implement robust security protocols
  • Strictly monitoring access to systems, with personnel given access only when essential to avoid any breaches

Neglecting Cybersecurity Measures: A Recipe for Disaster

Despite public concern over the lack of cybersecurity measures, many financial institutions continue to neglect this critical issue. Failure to prioritize the hiring of a CTO exposes these organizations to considerable hazards, including:

  • Phishing attempts enabled by email access
  • Compromised sensitive data and financial assets

Regulatory Measures: Insufficient and Ineffective

Analysts are also skeptical about the effectiveness of regulatory measures applied by the Nepal Rastra Bank, particularly the absence of supervision for institutions that violate safety rules. Until stronger measures are put in place, financial institutions and citizens alike remain at risk of falling victim to cyber attacks.

Conclusion

Cybersecurity risks in finance pose major concerns in Nepal. It is imperative that financial institutions prioritize cybersecurity measures and regulatory bodies strengthen their oversight to protect the financial system from potential threats.