CIOInsider India Magazine
Ransomware Attack Wrecks Havoc to Almost 300 Small Local Banks
A ransomware attack on India’s major banking technology provider, C-Edge Technologies, caused a temporary shut down of almost 300 small local banks affecting their payment systems.
The situation saw quick action from the National Payment Corporation of India (NPCI), the country’s payment system supervisor.
"The National Payment Corporation of India (NPCI), an authority that oversees payment systems, in a public advisory issued late on Wednesday said that it had 'temporarily isolated C-Edge Technologies from accessing the retail payments system operated by NPCI,'" the advisory stated.
"Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation," the NPCI added.
Customers of these banks were unable to withdraw money from ATMs and even use UPI services due to the ransomware attack.
Customers of regional rural banks and cooperative banks that rely on C-Edge, a joint venture between SBI and TCS, were primarily affected.
"Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation," the NPCI said.
To get the systems back up and running, the authorities are operating like in a war.
It is said that there are about 1,500 cooperative and regional banks residing in India's extensive network, mainly servicing customers outside of large cities.
However, the smaller establishments are the ones that bore the brunt of the ransomware attack.
Customers of these banks were unable to withdraw money from ATMs and even use UPI services due to the ransomware attack.
Reports from the media, meanwhile, detail the temporary isolation's differing effects on banks. The Hindu said that the action only affected NPCI services, such as AePS (Aadhaar-enabled payment system) and UPI, however CNBC-TV asserted that affected bank customers were also unable to withdraw cash from ATMs.
On the other hand, alerts were sent to banks about the chances of cyberattacks by the Indian cybersecurity authorities and the Reserve Bank of India (RBI).
