A motley group of cyber experts is working overnight in Hyderabad to make your banking transactions secure.
The group, working for RBI’s tech arm IDRBT, creates malware to attack the vulnerabilities in banks’ security networks. The attacks are done on dummy sites, not on the main sites, so as not to disrupt banking transactions. The feedback is shared with banks to help them upgrade their security systems.
As many as 67 banks have joined the initiative started by the institute to get their cyber security preparedness tested.
Internet security solutions company Symantec has observed that India has consistently moved up the ranking for countries with the most number of financial Trojan infections over the last three years. Its rank has gone up to three in 2015 from seven in 2013, indicating the seriousness of the problem. “At least 40 per cent of the BFSI (banking, financial services and insurance) businesses were attacked at least once,” Symantec’s financial threats report for 2016 said.Most favoured target
Banks and financial institutions are the most favoured target for cyber criminals. Reports by various internet security firms show that the majority of the attacks happen on these clients and their end users.
The cyber expert group consists of young researchers in cyber security and faculty at the Institute for Development and Research in Banking Technology (IDRBT).
The institute set up the group, IB-CART (Indian Banks - Center for Analysis of Risks and Threats), to help banks create a safety net to contain cyber attacks. “This group creates malware and attacks the dummy sites that the banks create for testing. The original sites of the banks are not involved in the mock drill as it impacts their services. But the banks use all the security defence tools that they use for the main sites to defend themselves against the mock attacks,” AS Ramasastri, Director of IDRBT, told BusinessLine .
The exclusive group set up for the purpose covers all the banks, taking up 10-15 banks at a time. The experts will check how effectively the banks’ defence systems have thwarted attacks. “We will share the feedback with banks,” he said.
Besides, the Chief Information Security Officers of banks have also set up a forum to discuss cyber attacks and to share information, manage and plan for issues related to information security.