Ransomware attack cripples payment systems at nearly 300 small Indian banks

A ransomware attack on C-Edge Technologies, a major banking technology provider in India, has forced the temporary shutdown of payment systems at nearly 300 small local banks.

The attack prompted the National Payment Corporation of India (NPCI), the country's payment system overseer, to take swift action. "The National Payment Corporation of India (NPCI), an authority that oversees payment systems, in a public advisory issued late on Wednesday said that it had 'temporarily isolated C-Edge Technologies from accessing the retail payments system operated by NPCI,'" the advisory stated.

"Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation," the NPCI added.

“All online transactions, such as RTGS and UPI payments, are affected. Money is deducted from the sender's account but does not get credited in the receiver's account," chairman of Amreli District Central Cooperative Bank Dilipbhai Sanghani told PTI.

Two officials at a regulatory authority, speaking to Reuters on condition of anonymity, confirmed that close to 300 small banks have been isolated from India's broader payment network to contain the attack.

“Most of these are small banks and only about 0.5% of the country’s payment system volumes would be impacted,” one of the sources told Reuters. 

India has a vast network of approximately 1,500 cooperative and regional banks, primarily serving customers outside major cities. It's these smaller institutions that have been affected by the ransomware attack.

The NPCI is currently conducting a thorough audit to prevent the attack from spreading further.

Both the Reserve Bank of India (RBI) and Indian cybersecurity authorities had previously issued warnings to banks about the potential for cyberattacks in recent weeks.

Pankit Desai, co-founder of Sequretek told Business Today, "The breach affecting over 300 small banks is a distressing reminder of the vital role cybersecurity plays in preserving the integrity of our financial systems. Such incidents can have far-reaching consequences, disrupting critical banking services and eroding consumer trust. The role of the 3rd party solution providers and tools poses a significant risk that hurts organisations, the most."

"Financial institutions, irrespective of their size, must prioritise their cybersecurity initiatives. It is essential for banking technology providers to implement multi-layered security measures and regularly conduct risk assessments to identify and mitigate potential vulnerabilities. High time that financial institutions strengthen their cybersecurity posture and ensure they are equipped to handle the sophisticated cyber threats of today," Desai added.

Rayan Malhotra, Founder &CEO of NeoFinity commented, "The recent ransomware attack on C-Edge Technologies underscores the critical importance of robust cybersecurity measures in the financial sector. This incident temporarily disrupted payment systems at nearly 300 small local banks, highlighting the vulnerabilities that can arise even with trusted technology providers. The National Payment Corporation of India's swift action to isolate C-Edge Technologies from the retail payment system was a necessary step to contain the threat and protect the integrity of our financial infrastructure. Moving forward, all stakeholders in the banking and fintech ecosystem must prioritise cybersecurity investments and collaboration. Ensuring the resilience and security of our payment systems is essential to maintaining trust and stability in the financial sector, especially as we continue to advance towards a more digital and highly interconnected economy."

What is Ransomware?

Imagine a digital thief breaking into your computer, locking all your important files, and demanding money to give you the key back. That's basically what ransomware does.

Here's a simple breakdown:

Malware: It's a type of malicious software (malware).

File Encryption: It encrypts your files, making them inaccessible to you.

Ransom Demand: Cybercriminals demand a ransom payment (usually in cryptocurrency) to decrypt your files.

High Stakes: It can cripple businesses, disrupt operations, and lead to significant financial losses.

Think of it like a digital hostage situation for your data. The criminals hold your files hostage and demand a ransom for their release.

Here are some key things to know about ransomware:

How it spreads: Often through malicious email attachments, infected websites, or software vulnerabilities.

Prevention is key: Strong passwords, regular software updates, and cautious online behaviour are essential to reduce risk.