Virus scare spurs banks into action

Safety net:Bankers say vulnerable systems, through which the malware generally comes in, is a closed loop.  

Banks and financial institutions in the country went on a war footing on Monday to upgrade their software systems, particularly their anti-virus packages, in the wake of the ransomware virus, WannaCry, which affected computers in 150 countries across the globe.

However, financial systems have not been impacted so far, bankers said.

“Generally, as compared to many other sectors, the security in the financial sector is higher,” said Mrutyunjay Mahapatra, deputy managing director and chief information officer, State Bank of India (SBI), in an interaction with The Hindu . “We have not seen any financial sector companies or banks getting impacted anywhere in the world,” he said.

Bankers said vulnerable systems, through which the malware generally comes in, is a closed loop. The core banking system (CBS), for example, is a closed loop. This means that the manner in which it connects to the front end, the network and the end-point servers are all in the banks’ control.

“However, we cannot take things easy,” said Mr. Mahapatra.

He said wherever the end-points are exposed to the Web, such as mobile and Internet banking, SBI has been ‘extra cautious’.

Additional alerts

“Also, we place additional alerts at our firewalls, which are essentially barriers between the outside world and our servers.Wherever Windows machines are there, we are working with Microsoft to deploy patches in a centralised manner,” he said. SBI is updating its anti-virus systems and other related software systems.

“We are also updating anti-malware definitions. We have a system from where we can centrally update the definitions of anti-malware. So, increased surveillance, deployment of patches (software updates) and watching the firewalls —these are our three strategies.”

However, there is no impact on automated teller machines, SBI said. “ATM [network] is a [highly] closed loop [system] and one mitigating factor is that, generally, the malwares are large files while ATMs are connected with a very small bandwidth. The Indian banking sector is largely un-impacted; nothing has been reported so far,” Mr. Mahapatra added.