In the latest incident hacker have transferred more than Rs. 94.42 crores in national and foreign bank accounts. The incident occurred at Cosmos Co-Operative Bank Limited in Pune. The incidences have raised questions and concerns about the security preparations of Banks in India. As the experts said this is the time to take corrective actions and consolidate cybersecurity should not be limited to Banks it should comprise of overall security in the cyber arena.
In the current situation, Banks, data protection, customer data security, documents security and many more things are on stake hackers are trying to break security in every possible manner and we need to restrict them by setting up proper security infrastructure.
As per Nikhil Bedi partner Deloitte an Impenetrable security system and an immediate action capacity is the need of an hour for companies and financial institutions because they are the guardian of customer data including funds and their assets. As per the statement by Mr. Bedi awareness is increasing but still, there is a large number of organizations who only wakes when the incident happens. Whenever such kind of incident happens, the particular organization earns a bad name and their existing and prospective customers lose faith.
You might remember one such kind of security incident occurred in 2016 when non-SBI ATM network is being attacked with a malware and due to which 600k debit cards were blocked. Predictably there are more than 30 lacs of debit cards which are being issued by private and nationalized banks are in danger.
In today’s scenario, a cybersecurity attack can happen in many ways. It can happen by downloading a malware in a system or by hacking a web application.
As per leading cybersecurity experts, this is one is the biggest challenge, especially for banks. For the bank the security is not limited to the main branches or chief data centers rather cybersecurity should be extended to all the ATM’s, branches at different levels. The data flow from institutions should also have proper cybersecurity shields to safeguard customer data. There are companies who are providing security solutions at various levels as we know technology is changing every hour and the old system needs to be upgraded. Bank in Europe and in the United States spend millions in their security systems.
In the case of Cosmos Co-Operative Bank hackers have developed a proxy switch and all the fraudulent payments are being approved through this proxy switch. Normally CBS receives debit card payment request through this switching system. As per the Cosmos Bank officials, the malware has attacked the switch system which was working for VISA / Ru Pay payment gateway for debit cards. As this cyber-attack was not on the Core Banking System, that’s why the customer accounts and their balance has not been affected.
The main target of hackers is Banking Financial Services and Insurance (BFSI) sector. As per Mr. Sanjay Katkar of Quick Heal Technologies Ltd. Who are the MD and CTO has suggested that the regulators have to develop risk management framework that includes threat-response strategy and in case of security threat each step and guidelines to prevent such kind of incident should be mentioned?
As per Mr. Katkar the companies who fall under this domain BFSI each organization needs to appoint compulsory chief security officer and in regular intervals, under the protocol, the system has to be checked often. If the chief security officer finds loopholes in security he or she will have to take necessary action to safeguard against cyber-attacks.
These are some of the views and opinions of leading companies and their experts. But the question is are we really ready to stop such kind of incidences in future frankly no but yes, the BFSI domain needs some urgent solution for security breaches. The cyber attack won’t stop just the BFSI need to appoint security commanders who think from hacker’s brain. As common saying locks are made for gentlemen, not for robbers. On a concluding note every BFSI should review their existing security system and don’t forget to test your own system if there is any security concern please be advised to fix it and never lose your customer trust.