Mumbai, May 16, 2017
Indian banks and ATMs supposedly running on systems less sophisticated than what is used by their global peers remained unaffected by the ransomware WannaCry, which has shuttered or slowed many operations across the world.
None of the major banks, or the Reserve Bank of India, reported anything amiss in the Indian financial system. There was speculation that one or two small banks in South India may have been affected and that the magnitude of the damage may not be much, said two people familiar with the matter.
"We are closely monitoring the situation and have instructed the local IT teams of our bank to keep a watch on the systems in branches," said a banker with the nation's biggest lender, State Bank of IndiaBSE 2.43 %. "In some cases, the malware comes from external devices interacting with the banking networks. We are keeping that under check too."
The Indian financial system's claim that it has been largely unacffected by a cyber attack that has hit thousands of establishments across the globe has raised eyebrows. Indian banks are notorious for under-reporting cyber crimes and this has even attracted the regulator's criticism.
"Another area of concern is the patch management. OEMs (original equipment manufacturers) release patches after known vulnerabilities are escalated to them and if the patches are not rolled out in time, we are practically leaving the door open for exploitation," said Reserve Bank of India deputy governor SS Mundra during a speech in September last year on 'Information Technology and Cyber Risk in Banking Sector'.
Banks in general have issued internal advisories listing out the dos and don'ts for employees and asking them to keep away from suspicious links.
"The biggest requirement for financial institutions at such moments is isolation of the affected device from the mainframe, thereby preventing such viruses from spreading across the network," said the person quoted above.
Indian ATMs, which still majorly use the outdated Windows XP operating system, were feared to be the most vulnerable to hacking. ATM manufacturers ET spoke to said that nothing untoward was reported on the ATM network.
"ATMs usually do not save any financial transaction data. Hence, I do not think that machines will be particularly vulnerable to such malware attacks, which encrypt files," said the chief executive of an ATM manufacturing company.
Also, the slower speeds at which systems operate could also be helpful in preventing the spread of the malware, which is usually a big file.
"ATMs anyway run on closed loop systems and usually the machines deployed in far-flung areas run on very slow speeds. Therefore, such malwares, usually a few megabytes in size, take time to install themselves on the remote devices," said the banker quoted above.
[The Economic Times]