Banks told to stay vigilant amid intel on cyberattack threat, ET CISO
Banks across the country have been put on alert amid tip-offs received by the regulator on possible cyberattacks.
They have been told to proactively monitor their systems for threat detection on a 24/7 basis.
“In the light of credible threat intelligence received regarding potential cyberattacks, regulated entities are advised to put in place enhanced state of surveillance and resilience capabilities to guard against these threats,” said an advisory issued by the Reserve Bank of India to financial institutions on June 24.
Interestingly, the RBI communique came a few days before a social media post on Monday that LulzSec, a group linked to several high-profile attacks, was training its guns on Indian banks.
Widely believed to have gone dormant, the group was said to have turned active again.
Similar alert by CERT-In issued last year
Apart from continuously checking network activities and server logs to detect malicious intrusions, banks will have to monitor critical payment systems such as SWIFT (the messaging system to confirm cross-border fund transfers), card networks (which facilitate card payments), the online local fund transfer frameworks RTGS and NEFT, and UPI, the real-time payment system.
Banks have been reminded to put standard controls in place against threats like DDoS (distributed denial of service). In a DDoS strike, hackers can launch a multi-pronged attack to inundate a bank’s systems with a large number of queries, making it difficult for the website and online services to process genuine customer requests and transactions.
Besides, banks have to restrict remote logins and access to critical systems, thoroughly scan all information systems for viruses and malware, and update them with the latest patches after necessary testing.
“About a year ago, a similar communication was issued by the regulator and CERT-In (the Computer Emergency Response Team under the ministry of electronics). Typically, when there is some hint of a possible cyberattack, banks simultaneously test the efficacy of their continuity and contingency plans. It’s the same this time,” an industry official told ET. The regulatory communique reiterates that banks must put in place strong offline backup and recovery strategies and test their effectiveness.
“Given the numerous instances of attacks, some of which may go unreported, authorities and institutions can’t take intelligence input lightly,” he said.
Cost of data breaches
Globally, ransomware crypto payments, business email compromises and the cost of data breaches surged to a new high last year. According to the RBI’s Financial Stability Report released this week, the financial sector has reported over 20,000 cyber intrusions and digital attacks, which resulted in losses amounting to US $20 billion over the last 20 years. Cyberattacks, the central bank has observed, are found to swell during periods of political and economic uncertainty such as geopolitical tensions, with disruptive consequences.
According to a December 2023 report by the non-profit industry body DSCI, 25% of the attacks in India result from clicking on malicious links in emails and websites.
According to the industry body DSCI, which focuses on data protection, attacks on banking and financial service providers may entail hijacking DLL (dynamic link library) files, which hold the resources used to run an application, and then sending the system information to a remote server.