NIFT, the National Institutional Facilitation Technologies, claimed to have experienced a severe cyber attack resulting in the complete shutdown of both their data centers in Karachi and Islamabad. The attack had a significant impact on their operations, prompting NIFT to conduct a thorough analysis of the server and assess the damage caused by the attack. They are currently reviewing the data in an effort to recover the compromised information.
Despite the attack, NIFT managed to complete the processing of outward clearing transactions from the previous day and updated the inward clearing bags for the current day. However, they have decided to temporarily halt the clearing process for today’s physical cheques. This cautious measure is in place until they can consolidate the situation and successfully recover the data and images affected by the cyber attack.
Snapshot taken from external source:
To ensure continuity of operations and minimize disruption to their customers, NIFT is taking proactive steps. They are activating their Business Continuity Plan (BCP) sites in Karachi and Lahore, which will assist in recapturing the clearing data from the previous day if deemed necessary.
The exact attribution and motivation behind the cyber attack on NIFT Pakistan remain unclear at this stage. Further investigation is required to determine the responsible party and their objectives, whether they are financially motivated, state-sponsored, or driven by other malicious intent.
NIFT is actively engaged in analyzing the impact of the cyber attack on their server infrastructure. They are conducting a thorough review of the servers to determine the extent of the breach and assess the potential loss of data and images. This analysis is critical to understanding the scope of the attack and initiating appropriate remediation measures.
In terms of communication, NIFT acknowledges the importance of keeping stakeholders informed. They have assured stakeholders that they will provide updates regarding the recovery process, resumption of clearing operations, and the status of data recovery. Timely and transparent communication will help manage expectations and maintain trust among customers, employees, and other relevant parties.
Moreover, The National Institutional Facilitation Technologies (NIFT) reported an attempted breach on its systems, which was detected and contained immediately through their security measures. The organization reassured that there was no significant compromise of data or systems. NIFT’s dedicated teams are investigating the breach to determine its origin, nature, and potential risks. They are working to restore services promptly and plan to resume Clearing Services on Monday, June 19, 2023. All clearing instruments from Thursday and Friday will be processed on that day. NIFT emphasized that they have taken necessary measures to mitigate risks and prioritize the safety of data, systems, and the trust of their clients and stakeholders. They expressed gratitude to their client banks and customers for their unwavering trust during this incident.
Note: This report also includes Indicators Of Compromise (IOCs) provided by Regulatory Authority.