Following the cyber attack attempt on Union Bank of India, RBI has called for more vigilance to avert such incidents. Reserve Bank deputy governor Rama Subramaniam Gandhi said that the recent attempt of cyber theft in the offshore account of a state-owned lender has brought to fore the need for vigil over sensitive remittance services. Also Read - Dark Web Alert! Domino's India data of 180 million orders leaked onlineAlso Read - Air India server hacked, personal data of 45 lakh passengers leaked in massive cyber attack
Last week, Union Bank of India had informed that it had averted successfully an attempt of cyber theft in its US dollar Nostro account — the offshore account — and also there was not any financial bearing as the attack was foiled. Also Read - COVID-19 themed cyber-attack surge by 114 percent in Q4 2020: McAfee
“I would like to redraw your attention to the recent cyber incident at one of our banks. Apparently there has been no monetary loss in the recent incident. But it is too early to conclude what and how of the incident at this juncture; however, the need for vigil over the sensitive systems like remittances is once again brought to the fore, with particular focus on configuration of the systems and the human aspects in managing the systems,” Gandhi said at the annual summit ‘Cyber & Network Security’.
Gandhi said there is a need for banks to timely detect such incidences, adding a robust crisis management plan is pertinent. “If continued cyber vigil is to be ensured then a continuous process of awareness building, education, re-enforcement, tests, trials and upgradation is a must. It is this area which we generally tend to be rather lax and which is exploited by cyber -baiters,” he said.
Appropriate controls framework, reconciliation of transactions in real time basis, timely security patches to the IT interfaces and close monitoring of transactions are among the preventive measures to insulate from cyber attacks, he added.
Stressing that banks need to scale up the cybersecurity preparedness to meet the emerging threats, Gandhi said the RBI has been proactive, as well as engages in consultation and congruence in the security framework in the banking system.
He said right from the early days when RBI provided guidance on computerisation, it has been conscious of the role that IT plays in meeting the emerging customer needs and the opportunities and challenges of using technology, including cyber related aspects.
Gandhi said the recent RBI guidelines on Cyber Security Framework in banks are aimed at a focused attention to cyber threats and framework for mitigating the threats and to protect the information assets. He said information dissemination is a key in combating the cyber threat incidents and said the banks also share information about cyberattacks along with suggestions on best practices.
The Institute for Development and Research in Banking Technology also has a system to collate such information and share the generic aspects amongst the chief information security officer of banks, he said. “All these, I am sure will help the banks in further enhancing their cybersecurity-related capabilities.”