Bank Servers Hacked in Mumbai:
Over Rs. 2 Crores Stolen

Leading Co-Operative Bank in Mumbai Falls Victim to Hackers, Over Rs. 2 Crores Stolen

A leading co-operative bank in Mumbai fell victim to a cyberattack when hackers breached its servers and managed to wipe out over Rs. 2 crores from accounts of various customers.

The server of a co-operative bank in the city of Mumbai was hacked wherein the cybercriminals managed to get away with more than 2.5 crores from different bank accounts of the bank’s customers. According to reports, the hack took place on June 24, 2002, when a technical consultant turned whistleblower brought to light more than 40 unauthorized transactions from 4-5 different accounts in a single day. A case has been registered under the section of the Indian Penal Code and IT Act and the cybercrime cell is investigating the case further.

“Today, customers prefer online banking over traditional banking, because of the former’s ability to access and execute transactions at the click of a button or tap. More than 65% of our bank customers use our mobile apps to manage their accounts on a day-to-day basis,”said a bank representative.

With so many customers making the jump to online banking, it is no wonder that hackers see a feast of opportunities. This is the reason CERT-In (the Indian Computer Emergency Response Team) has issued a set of cybersecurity directives for critical infrastructure companies including the banking organizations in the country to prevent and combat such attacks.

CERT-In has recommended using a strong incident response system or strategy to spot and contain such cyber attacks in the banking, insurance, finance and critical infrastructure sector. According to CERT-In’s new cybersecurity directives, organizations operating in the critical infrastructure sector will have to report an attempted cyberattack within six hours of the incident. Now such incidents may range from phishing attacks to denial-of-service attacks.

Expert Cybersecurity Advice for Banking Organizations

Cyberattacks against banking and financial organizations are increasing at breakneck speed. This is the reason banks ought to beef up their security infrastructure with a comprehensive data security strategy that incorporates people, processes and technology.

Futurism recommends following best practices to safeguard your bank from the menace of cyber threats in today’s fast-evolving threat landscape:

• Prioritize remediation of vulnerabilities: Banking institutions ought to prioritize their approach to vulnerability assessment and patch management.

• Secure partner/vendor network: Banks and financial organizations work with multiple vendors/partners and agencies including insurance companies, etc. Futurism recommends assessing partner networks for underlying security risks and vulnerabilities.

• Incident response: Banks should respond proactively in the event of an intrusion. IT and security resources should focus on data monitoring and tracking unusual network traffic using an advanced threat protection model.

• Employee awareness: Bank employees ought to have a clear understanding of how to identify and report cyber threats such as phishing. Banks should proactively communicate with employees about the security measures and policies and advise them to be extra careful. Having an integrated web and email security is a win here.

• Cyber resiliency: Test backup and recovery procedures regularly and ensure safe storage of critical customer data. Have a strong line of defense to thwart coming-of-age attacks including multi-prong attack tactics and new strands of Ransomware using a Zero Trust Security Model.

• Secure cloud networks: Protect all hybrid and multi-cloud infrastructure with strong access-based policies, controls and governance.

• Endpoint security: Strong endpoint security and policies to protect all critical endpoints including mobile phones, desktops, tablets, laptops, etc.

• Strong data privacy controls and consent: Putting Zero Trust Security Framework in place and simplifying risk management by eradicating implicit trust. No matter the user, user location, access method or situation, security should take the center stage.

• Access management with Zero Trust: Powerful risk-based access policies and intelligent multi-factor authentication with an effective identity and access management strategy.

• Remote network protection: Having a Zero Trust framework to prevent security attacks that may include user impersonation, data exfiltration, stolen credentials, password reuse, etc.

• Strong firewall protection: Attackers can shut down your bank’s entire network if it lacks a robust firewall and network protection strategy.

• Insider threat protection: Monitoring privileged access to confidential data with insider threat security. Detect unauthorized access and abnormal authentication or access requests.

• Seek expert help: Employ a trusted managed security services provider that will help you deploy the right layers of security.

Takeaway

Breaches like these are a wakeup call for the banking sector to get their heads into cybersecurity. In addition to the abovementioned measures, getting expert help from a trusted cybersecurity services provider is an excellent move towards securing your bank and customers from such attacks.

Is your bank prepared to handle a cyber pandemic? How strong is your bank’s security posture? Are you searching for ways to strengthen your bank’s security architecture?

For any assistance to securing your bank, schedule a consultation with our cybersecurity expert now

Disclaimer: All the information, views and opinions expressed in this op-ed are those of the authors and their respective web sources and in no way reflect the views, principles, or objectives of Futurism Technologies.