Context:
A significant ransomware attack has recently compromised the operations of approximately 150-200 cooperative banks and Regional Rural Banks (RRBs) across India. The National Payments Corporation of India (NPCI) pinpointed the source of the disruption to C-Edge Technologies Ltd., a collaborative enterprise between Tata Consultancy Services Ltd. (TCS) and the State Bank of India (SBI). This incident highlights critical vulnerabilities within the banking infrastructure serviced by this joint venture.
Relevance:
GS III: Security Challenges
Dimensions of the Article:
- Impact of Ransomware Attack on Banking Operations
- Wider Effects on the Payment Ecosystem
- What is ransomware?
- What is Cyber Attack and Cyber Security?
- What are other similar types of Cyber Attacks?
- Which agencies in India deal with cyber-attacks?
Impact of Ransomware Attack on Banking Operations
- Target of the Attack: C-Edge Technologies Ltd. was hit by a ransomware attack, impairing its service delivery to cooperative banks and Regional Rural Banks (RRBs).
- Disruption in Payment Systems: Customers at affected banks faced difficulties accessing critical payment channels such as the Unified Payments Interface (UPI) and Aadhaar-enabled payment systems (AePS).
- Operational Continuity in Some RRBs: Certain RRBs remained operational, relying on alternative technology service providers backed by their sponsor banks.
Wider Effects on the Payment Ecosystem
- Exposure of Vulnerabilities: The incident exposed the susceptibility of tech providers integral to sustaining the payment infrastructure.
- Demand for Enhanced Cybersecurity: It emphasizes the essential need for strengthened cybersecurity defenses to prevent future occurrences.
- Importance of Collaborative Efforts: Enhanced collaboration among the National Payments Corporation of India (NPCI), banks, and tech firms is vital to quickly counteract and alleviate the consequences of such disturbances.
What is ransomware?
- Ransomware is a type of malicious software, used by cyber criminals, to infect a computer system by blocking access to the stored data by encrypting the files.
- A ransom is then demanded from the owner in exchange for the decryption key.
- While it is not yet clear as to how exactly the AIIMS computer systems were targeted, the malware may usually be injected remotely by tricking the user into downloading it upon clicking an ostensibly safe web link sent via email or other means, including hacking.
- It can spread throughout the network by exploiting existing vulnerabilities. Ransomware attacks can also be accompanied by theft of sensitive data for other sinister motives.
What is Cyber Attack and Cyber Security?
- Cyber attack is an assault launched by cybercriminals using one or more computers against a single or multiple computers or networks. A Cyber Attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks. Cybercriminals use a variety of methods to launch a Cyber Attack, including malware, phishing, ransomware, denial of service, among other methods.
- Cybersecurity means securing the cyberspace from attack, damage, misuse and economic espionage. Cyberspace is a global domain within the information environment consisting of interdependent IT infrastructure such as Internet, Telecom networks, computer systems etc.
What are other similar types of Cyber Attacks?
- Viruses which are the most commonly-known form of malware and potentially the most destructive. They can do anything from erasing the data on your computer to hijacking your computer to attack other systems, send spam, or host and share illegal content.
- Worm is a type of malware that spreads copies of itself from computer to computer which can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.
- Trojan is a type of malware that is often disguised as legitimate software which can be employed by cyber-thieves and hackers trying to gain access to users’ systems.
- Spyware collects your personal information and passes it on to interested third parties without your knowledge or consent. Spyware is also known for installing Trojan viruses.
- Adware displays pop-up advertisements when you are online.
- Fake security software poses as legitimate software to trick you into opening your system to further infection, providing personal information, or paying for unnecessary or even damaging “clean ups”.
- Browser hijacking software changes your browser settings (such as your home page and toolbars), displays pop-up ads and creates new desktop shortcuts. It can also relay your personal preferences to interested third parties.
Which agencies in India deal with cyber-attacks?
- Set up in 2004, the Indian Computer Emergency Response Team (CERT-In) is the national nodal agency that collects, analyses and circulates inputs on cyber-attacks; issues guidelines, advisories for preventive measures, forecasts and issues alerts; and takes measures to handle any significant cyber security event.
- It also imparts training to computer system managers.
- The National Cyber Security Coordinator, under the National Security Council Secretariat, coordinates with different agencies at the national level on cybersecurity issues, while the National Critical Information Infrastructure Protection Centre has been set up for the protection of national critical information infrastructure.
- According to the government, the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for detection of malicious software programmes and to provide free tools to remove the same, while the National Cyber Coordination Centre works on creating awareness about existing and potential threats.
-Source: Indian Express