The Reserve Bank of India (RBI) has issued a nationwide alert to banks, urging them to ramp up their cybersecurity measures following credible intelligence reports of potential cyber-attacks. The central bank’s advisory, released on June 24, highlights the need for banks to continuously monitor their systems to detect any threats and mitigate risks.
According to the RBI, several high-profile attacks are targeting Indian banks by the notorious hacking group LulzSec, which was previously believed to be inactive but has now resurfaced. Banks are instructed to enhance monitoring capabilities, particularly around critical payment systems such as SWIFT, card networks, RTGS, NEFT, and UPI.
Enhanced Cyber Defenses Needed
The RBI has emphasized the importance of defending against Distributed Denial of Service (DDoS) attacks. These attacks involve hackers overwhelming bank systems with numerous requests, disrupting online services. To combat this, banks are advised to implement standard controls, restrict remote login and access to critical systems, and thoroughly scan information systems for viruses and malware. Ensuring the installation of the latest patches after necessary testing is also crucial.
Increasing Cyber Threats
The recent RBI financial stability report has noted a significant increase in cyber intrusions and digital attacks targeting the financial sector, resulting in losses of $20 billion over the past two decades. The central bank warns that such attacks tend to escalate during times of political and economic instability, such as current geo-political tensions.
Regulatory Directives and Preparedness
An industry official highlighted that similar directives were issued by regulators and CERT-In about a year ago. Banks are now once again testing their preparedness in response to these new warnings. The RBI emphasizes the need for strong offline backup and recovery strategies and the importance of regularly testing their effectiveness. The official further stressed that banks must not take confidential information lightly given the ongoing threats.
As cyber threats continue to evolve, the RBI’s advisory serves as a crucial reminder for banks to stay vigilant and proactive in safeguarding their systems and customer data.
