Massive ransomware attack cripples 300 Indian banks, majorly disrupts ATM, UPI services

A major ransomware attack has disrupted the operations of nearly 300 small Indian banks, primarily affecting rural and cooperative institutions. This cyberattack, which occurred on Wednesday, targeted C-Edge Technologies, a key provider of banking solutions for these smaller entities, leading to significant payment system outages, as reported by Reuters.

In the wake of the attack, regulatory bodies acted swiftly. The National Payment Corporation of India (NPCI) took the precaution of temporarily severing C-Edge Technologies’ access to its retail payment network to halt the potential spread of the cyber threat.

As a result, customers of the impacted banks found themselves unable to use various payment services.

India’s banking sector includes around 1,500 cooperative and regional banks, most of which serve regions beyond the major cities.

The attack has significantly impacted a large portion of this sector, raising serious concerns about the cybersecurity measures in place for rural banking infrastructure.

Regulatory authorities are now conducting comprehensive audits to evaluate the damage and prevent further issues. The Reserve Bank of India (RBI), however, has not yet issued any statements on the situation.

An advisory from the NPCI informed that the banks affected by the disconnection will experience interruptions in their payment services during this isolation period. This step is intended to safeguard the broader payment infrastructure of the country.

According to officials, although nearly 300 banks have been cut off from the network, these institutions represent a minor segment of about 0.5 per cent of the nation’s total payment system volumes.

To manage the situation and mitigate risks, the NPCI is currently performing an audit. In addition, both the RBI and Indian cyber authorities had previously alerted financial institutions to the possibility of cyber threats in recent weeks.

This incident starkly emphasizes the need for stronger cybersecurity defences in the financial sector, particularly for smaller banks that might not have the necessary resources for advanced security measures.

It highlights the importance of routine security checks and comprehensive disaster recovery strategies. Experts suggest that resolving the issue quickly is crucial to minimizing economic disruption and maintaining public confidence in the banking system. This attack serves as a crucial reminder of the need for heightened cybersecurity across India’s varied banking landscape.