India’s fintech sector has grown rapidly in recent years, becoming one of the fastest-growing markets in the world. Today, the country is home to more than 100 fintech unicorns. This growth has attracted a dramatic rise in cyberattacks, which have become a prominent theme in the news, with numerous stories appearing almost every day on social media.
Let’s have a look at some of the cyberattacks on Indian banks.
Cyberattack on Union Bank of India
It all began when a bank employee unknowingly opened a malicious email attachment that appeared to come from the RBI.
The cyberattack was a classic case of phishing, triggered by an e-mail circulated in the name of the most trustworthy organization, the RBI. The e-mail, which carried malicious code, was sent to a few email IDs belonging to customer care, individuals, and e-banking staff. Of these recipients, a few reported the email to the bank’s security team. Although the email appeared to come from the RBI, its attachment was a .xer file rather than a pdf or xls, which raised questions about its content.
Unfortunately, a few less tech-savvy people opened the e-mail, and soon afterwards the malicious code entered the bank’s networks and servers, which opened the way for the hackers to attempt a theft of $170 m.
So, what went wrong here?
Even though the bank’s infrastructure had all the basic preventive measures, the attackers identified the vulnerability and created a foothold by gaining access to the system. The main motive of this attack was to obtain financial information and steal money.
So the main issue that needs to be addressed is the lack of awareness about cybercrime, together with the lack of proper training that would let officials identify a cyberattack at the initial stage and prevent such a loss.
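The mismatch described in the Union Bank case, a message in the RBI’s name carrying a .xer file rather than a pdf or xls, is a signal a mail gateway can check without relying on the recipient. The following is an added example, not code from the bank or from this blog; the placeholder domain `regulator.example`, the expected-extension list and the function names are assumptions.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr
from pathlib import PurePosixPath

# Assumptions (not from the article): the file types staff expect from the
# regulator, and a placeholder sending domain for it.
EXPECTED_EXTENSIONS = {".pdf", ".xls"}
REGULATOR_DOMAINS = {"regulator.example"}
REGULATOR_NAME = re.compile(r"\b(rbi|reserve bank of india)\b", re.I)

def claims_regulator(msg):
    """True if the From header uses the regulator's name or domain."""
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    return domain in REGULATOR_DOMAINS or bool(REGULATOR_NAME.search(name))

def triage(raw):
    """Return (filename, extension) for each unexpected attachment."""
    msg = message_from_string(raw, policy=policy.default)
    if not claims_regulator(msg):
        return []  # out of scope for this rule
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        # Only the final suffix counts, so "circular.pdf.xer" is ".xer".
        ext = PurePosixPath(filename).suffix.lower()
        if ext not in EXPECTED_EXTENSIONS:
            findings.append((filename or "<unnamed>", ext or "<none>"))
    return findings

def build_sample(from_header, filename):
    """Constructed test message; the attachment bytes are inert filler."""
    m = EmailMessage()
    m["From"] = from_header
    m["To"] = "customercare@bank.example"
    m["Subject"] = "Circular"
    m.set_content("Please see the attached circular.")
    m.add_attachment(b"constructed placeholder", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()

if __name__ == "__main__":
    sender = "Reserve Bank of India <circulars@regulator.example>"
    for name in ("circular.pdf", "circular.xer", "circular.pdf.xer"):
        print(name, "->", triage(build_sample(sender, name)) or "ok")
```

A non-empty result is a reason to quarantine the message for the security team rather than deliver it to customer-care mailboxes.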
Cyberattack on Cosmos Bank of Pune
This is one of the best examples of a malware attack. In this case, the bank’s internal and ATM infrastructure was compromised.
The crime involved multiple malicious code attacks on the bank’s switching system between the central and core banking systems. Basically, the code generated false payment transfer requests in response to transaction requests by the customers. After making false adjustments to targeted customers’ account balances, the code sent false standing – an activity that authorized ATM withdrawals of a large amount of money using 450 cloned non-EMV debit cards from various countries. The attackers compromised the bank’s ATM/POS switching system by sending malicious code into the system, which in turn prevented verification of any transactions requested by users at the POS/ATM machines.
Cyberattack on AP Cooperative Mahesh Bank, Hyderabad
Cybercriminals hacked into Mahesh Bank’s servers, got access to the main account, and transferred a whopping 12 crore rupees to hundreds of unknown bank accounts.
A number of bank accounts were compromised, though a preliminary investigation by the cyber security firm appears to indicate it was an inside job.
Cyberattack on Dombivli Nagarik Sahkari (DNS) bank, Maharashtra
This was also a case of a server hack, and the bank lost more than Rs 2 lakhs. The bank halted all its transactions in time after realizing that its server had been compromised; however, it could have been the biggest one if luck had not been in its favor.
Data Leak at Jana Small Finance Bank
Jana Bank is a small finance bank approved by the RBI. This data leak was a serious cybersecurity lapse that exposed millions of documents containing information about financial transactions to the public.
The database used for Know Your Customer verification was not password-protected, making it possible for anybody to see, edit, or download the data. As soon as Jana Bank became aware of the exposure, the database was immediately safeguarded.
To keep customers safe, it is essential that all banks implement the security measures suggested by the RBI without fail. Doing so will reduce the chances of such attacks and thereby protect their customers.
RBI Guidelines To Improve Bank Security
- Arrangements for continuous monitoring
According to the RBI, cyberattacks do not have warnings or timeframes, so banks must monitor new cyber threats as soon as they emerge.
- Consistently preserve customer data
For financial institutions to operate efficiently, technology is essential. In order to meet the needs of their clients, it also enables businesses to deliver cutting-edge digital products. Banks do, however, gather private and sensitive data from their clients during the transaction.
Banks should take the necessary actions to guarantee that the privacy, availability, and integrity of this data are not compromised. Furthermore, because they are the stewards of this information, banks must protect data whether it is in their own environment or that of third-party providers. To do this, banks should set up appropriate systems and procedures throughout the data/information lifecycle.
- Inform RBI of any cybersecurity incidents.
It is extremely important for all banks to alert the RBI about any cyber-security-related damages regardless of their severity.
- Maintain a list of your IT equipment
Banks must keep track of all of their IT assets, including their business applications and network infrastructure. We at Adviacent provide all the services related to asset management at a reasonable cost.
- Stop the use of unapproved software
Banks should maintain a limited list of authorized software in order to safeguard against unauthorized use of the bank’s computers.
- Vendor risk control
Banks are responsible for ensuring that they manage security risks appropriately when they outsource or work with partners.
- Real-Time Threat Defense Management
Banks should take into account a number of suggestions from the Reserve Bank of India while constructing a strong defense system against the installation, propagation, and execution of harmful code. The RBI also promotes the use of secure web gateways equipped with deep packet inspection capabilities and whitelisting of internet websites and services.
- Anti-Phishing System
If a bank doesn’t have an anti-phishing service from an external provider, it could end up with a large number of phishing emails and potentially take down low-quality websites.
- Control of Data Leaks
To protect the confidential, proprietary, and sensitive information of customers and the organization, the RBI suggests that banks develop a comprehensive plan to minimize data loss and leakage.
- Vulnerability Assessment and Penetration Testing
Banks should conduct periodic vulnerability assessments and pen-testing exercises on all critical systems, especially the internet-facing ones. A bank infected with malware or without the protocol of secure and encrypted communication between employees will be an easy target for cybercriminals.
- Forensics Audit
Banks that don’t have enough help might need to budget money for a forensic investigation in order to handle the problem effectively. To gather information about the occurrence, determine who was at fault, and acquire evidence, a forensic inquiry is carried out. You can use it to comprehend what happened and learn how to reduce risk in the future.
With the rapid rise of the fintech industry, cybersecurity has become one of the main issues. Adviacent Consulting Services is here to assist banking organizations in managing risk, safeguarding assets, and making the most of their data.
Our cyber security consultant at Adviacent will collaborate with you and your team to find vulnerabilities and strengthen the security of your company.
Sumit Jain
Cybersecurity Enthusiast at adviacent.com
A cybersecurity enthusiast helping businesses with their cyber risks & understand the growing cyber threats.
I write about the latest news, review products and services on cybersecurity, and do a bit of podcasting.