Indian banks ordered a ban on staff using internet in office except for
essential banking services, while the leader, State Bank of India, has
installed new software and ordered branches to follow instructions to
prevent Wannacry malware from crippling operations.
Bankers were barred from accessing various websites, including Gmail and
Yahoo. Those in non-sensitive departments were also told not to visit
social media sites like Facebook and Twitter. The use of internet was
permitted only for clearing operations and necessary businesses.
"This is to be taken most seriously. Please ensure these are percolated
to the last mile up to every employee having access to the network,
including staff working in offices/departments/TCs/call centres, etc,"
Union Bank of India chairman Arun Tiwary said in a message to
departmental heads.
The Indian Banks' Association warned its members to take precaution in a
way that would protect the individual banks as well as the system from
the attack, which is threatening to stall businesses. "We have advised
banks to take utmost precaution in light of the reports of a global
cyber attack.
This advisory is just precautionary in nature and we are confident that
banks are well equipped to deal with any challenges that come," said an
IBA official. He cannot be named because he is not allowed to speak to
media.
Banks, in general, use dedicated computers to access internet so that
their core banking solutions remain immune to outside threats, but these
dedicated machines are now being used with restrictions, senior
officials of three state-run banks said.
"We are being extremely vigilant because of this new threat. Though we
have found nothing extraordinary in our systems so far, our IT teams are
on high alert because of this heightened threat," said the chief
operating officer at a private sector bank.
The malware spreads by exploiting vulnerable systems running on Windows
operating system. The Indian Computer Emergency Response Team has issued
advisory for prevention of this threat. "So far, there is nothing
damaging coming out of India, but there is considerable risk for the
large databases of KYC and Aadhaar, which banks will have to be careful
about," said Ashvin Parekh, an independent banking consultant.
In October last year, a malwarerelated security breach had forced SBI to
block six-lakh debit cards as a precaution after it was alerted by card
network companies such as Mastercard and Visa.
"Digital transactions in financial services have grown at a rapid pace
in India, but investment in security is not commensurate with the risk
the transactions pose," said Piyush Singh, managing director, financial
services - Asia Pacific, Accenture.
"Banks in India will not only have to look at investment in technology
infrastructure, but also operations management and contagion of risks
posed by technology."
Source :The Economic Times
No comments:
Post a Comment