The National Payments Corporation of India (NPCI) has said the recent incident of cyber attack in Pune-based Cosmos Cooperative Bank, that has caused an over ₹90-crore loss, is due to a malware attack on the bank’s system.
Hackers transferred over ₹90 crore out on August 11 and 13 through the malware attack on the bank's server by cloning debit cards of the bank’s customers. The transactions were carried through automated teller machines (ATMs) in 28 countries, including Canada, Hong Kong and India. Visa and Rupay debit cards were cloned. The bank registered an FIR with the Chatushringi police station and has closed all its servers and net banking facilities.
“One of our network members has confirmed a malware attack on their system,” NPCI said, while reiterating that its systems are fully secured and that this issue has occurred within the bank’s information technology environment.
Bharat Panchal, Head Risk Management, NPCI said, maximum transactions have been reported from outside India. “We wish to reiterate that our systems are fully secure and we are monitoring the situation continuously. We are there to support the bank in identifying the cause of this fraud.”
After banks failed to upgrade their software in ATMs despite repeated reminders, Reserve Bank of India has directed them to complete the process in a phased manner latest by June 2019. The banking regulator pointed out that many ATMs were still running on Windows XP and other unsupported software. According to banking industry sources, at least 30% of the 2.2 lakh ATMs across the country could still be running on old software.
Jayant Saran, Partner, Deloitte India, said continuous monitoring and surveillance was required to prevent such attacks. “Banking institutions are vulnerable to cyber attacks. Continuous monitoring, surveillance and incidence response teams deployed on standby can be beneficial in preventing large-scale attacks,” Mr. Saran said.