Cyber security experts say it is high time for banks to be fully prepared with cybersecurity infrastructure in case of a massive security breach involving funds, stressing that state-of-the-art security systems are the need of the hour.
Robust security systems and incident response capabilities are imperative for all companies and financial institutions that are custodians of customer data and customer assets, including funds. While there is growing awareness of the need to regularly update an organisation's cyber preparedness and defence mechanisms, a large number of institutions wake up to this reality only after an incident, which often leads to a loss of reputation and/or financial misappropriation.
Cyber attacks today are multi-pronged and can start with malware being downloaded onto a system or with a web application being hacked. This is a big challenge, especially for banks, where it is no longer sufficient to protect just data centres and headquarters; ATMs and branch offices must be protected too, and incoming data must be secured even when it comes from affiliated organisations.
The financial services sector was subject to 3.5 billion credential stuffing attacks over the past 18 months, as per Akamai’s 2019 State of the Internet / Security Financial Services Attack Economy Report, which found that 50% of all attacks from phishing domains were targeted at the financial sector.
The report indicates that between December 2018 and May 2019, nearly 200,000 phishing domains were discovered, of which 66% targeted consumers directly. Of the phishing domains targeting consumers, 50% targeted companies in the financial services industry.
"Criminals supplement existing stolen credential data through phishing, and then one way they make money is by hijacking accounts or reselling the lists they create. We’re seeing a whole economy developing to target financial services organizations and their consumers."
Akamai’s findings additionally reveal that 94% of observed attacks against the financial services sector came from one of four well-documented methods: SQL Injection (SQLi), Local File Inclusion (LFI), Cross-Site Scripting (XSS), and OGNL Java Injection (which accounted for more than 8 million attempts during this reporting period). OGNL Java Injection, made famous due to the Apache Struts vulnerability, continues to be used by attackers years after patches have been issued.
Criminals have also started launching DDoS attacks as a distraction to conduct credential stuffing attacks or to exploit a web-based vulnerability. Over the course of 18 months, Akamai uncovered more than 800 DDoS attacks against the financial services industry alone.
Attackers are targeting financial services organisations at their weak points. Very recently, the RBI imposed fines totalling ₹11 crore on seven PSBs for violating norms on current account opening. Allahabad Bank and Bank of Maharashtra have been fined ₹2 crore each; Bank of Baroda, Bank of India, Indian Overseas Bank and United Bank of India have been fined ₹1.5 crore each; and Oriental Bank of Commerce has been fined ₹1 crore. "The Reserve Bank of India (RBI) has, by an order dated July 31, 2019, imposed monetary penalty on seven banks for non-compliance with certain provisions of directions issued by RBI on 'Code of Conduct for Opening and Operating Current Accounts'," RBI said in a release.
As India rides on the wave of digitization, our banking sector can be seen incorporating wide-ranging digital technologies including some of the most embryonic ones such as IoT and cloud solutions. Irrespective of what the objective is, vulnerabilities in digital infrastructure are what every cyberattacker looks for.
Cyberattacks on financial institutions (FIs) are more often driven by nation-states than by independent hackers. Such attacks are usually conducted to cause catastrophic damage rather than just financial theft. According to the former National Cybersecurity Coordinator at the National State Council, Dr. Gulshan Rai, banks are most vulnerable to cyber threats and the Indian banking system needs to prepare itself to mitigate the associated risks. He also mentioned that nearly 22% of the attacks which took place in the country were on the banking sector and that these attacks are becoming more complex day by day, especially with the adoption of digital technologies in the business. Cybersecurity exploits are inevitable, more so because of the embryonic technologies which have created an open infrastructure more susceptible to cyberattacks.



