Experts Launch Mock Attacks To Test Banks' Cyber Security Readiness

by CXOtoday News Desk    Jan 11, 2017

Cyber Security

In the wake of recent massive Debit card hack and increase in online frauds post demonetization, the RBI’s tech arm IDRBT has reportedly formed a group to test the cyber security preparedness of the banks in India. According to the report published in Business Line, A motley group of cyber experts have launched a massive malware attacks on the dummy sites of the banks. The feedback has been shared with banks to help them upgrade their security systems. However, the report does not reveal the findings of the exercise. 

The cyber expert group consists of young researchers in cyber security and faculty at the Institute for Development and Research in Banking Technology (IDRBT). As many as 67 banks have joined the initiative started by the institute to get their cyber security preparedness tested, the report claims. 

The institute has also set up the group, IB-CART (Indian Banks - Center for Analysis of Risks and Threats), to help banks create a safety net to contain cyber attacks. “This group creates malware and attacks the dummy sites that the banks create for testing. The original sites of the banks are not involved in the mock drill as it impacts their services. But the banks use all the security defence tools that they use for the main sites to defend themselves against the mock attacks,” AS Ramasastri, Director of IDRBT, told BusinessLine.

The exclusive group set up for the purpose covers all the banks, taking up 10-15 banks at a time. The experts will check how effectively the banks’ defence systems have thwarted attacks. “We will share the feedback with banks,” he said.

There is a sudden spike in the online frauds post demonetization. Since, banks are always a soft target of cyber criminals, their online platforms are on a radar of cyber crime syndicates to put a break to the journey towards digital economy.  Earlier in October, a massive debit card hack reportedly hit major banks including HDFC Bank, ICICI Bank, Yes Bank, Axis Bank and SBI, compromising as many as 3.2 million debit cards.

According to the reports, SBI, HDFC Bank, ICICI Bank, YES Bank and Axis Bank were among the worst hit. About 2.6 million affected cards are reportedly on the Visa and Mastercard platform, while 600,000 are on RuPay.

Internet security solutions company Symantec has observed that India has consistently moved up the ranking for countries with the most number of financial Trojan infections over the last three years. Its rank has gone up to three in 2015 from seven in 2013, indicating the seriousness of the problem. 

“At least 40 per cent of the BFSI (banking, financial services and insurance) businesses were attacked at least once,” Symantec’s financial threats report for 2016 said.