On what could possibly be considered as a pilot run by cybercriminals, it’s important that our Banks learn from this incident and reflect on their preparedness and defense mechanism to successfully spot intrusions, intercept and prevent similar attacks in future.
A well-orchestrated cyber attack
An International cybercrime syndicate successfully carried out fraudulent transactions worth Rs.94 crore from Cosmos Bank on August 11 and August 13.
Hackers managed to inject a malware(suspected to have originated from Canada) into the[Cosmos] bank’s system. Malware (malicious software) is a kind of software built to gain partial or full control of the computer allowing the malware creator to perform their intended operations.
In this particular case, the malware attack was intended on a switch which is operative for payment gateways of Visa and Rupay debit cards. For nearly 2 hours, the switch was replaced by a parallel system or a proxy switch system which allowed the hackers self-approve the transactions.
The hackers were prepared with cloned cards which they used to withdraw Rs.78 crore from various ATMs in 28 countries and 2.5 crore were taken out in India in about 15000 transactions.
On 13th August, the hackers managed to make another successful transaction through SWIFT (Society for Worldwide Interbank Telecommunications) of Rs.13.92 crore to a HongKong based bank. Preliminary investigation found out that the first attempt of the attacker had failed because of incorrect inputs. They hacked into the bank’s system to obtain the systems correct identification number and then re-entered it into the money transfer system.
Cosmos Bank was unaware of the infiltration attempts and it was Visa and SWIFT that alerted them about the suspicious transactions leading to police complaint on August 13 and also forcing shutdown of the banking system for couple of days.
Cyber attackers have been targeting banks globally
Earlier in the year, FT reported that seven of UK’s biggest banks (Santander, Tesco, RBS, Llyods, HSBC, Clydesdale and Yorkshire Banking Group, and Barclays) were attacked which forced the bank to reduce operations and complete shutdown of the system in some cases. Top Dutch banks like ING,ABN mrbo and Rabobank also reported cases of DDoS (Distributed Denial of Services) attack. In July 2018, BBC reported that Hackers stole close to $1m from a Russian Bank. This on the back of 2 billion rubles ($31 million)that hackers stole from accounts that bank keep at Russia’s central bank in 2016.
Cyber-attacks on Banks have also been reported in Canada, Spain and Mexico this year. In 2016, unidentified hackers stole over $81 million from the Bangladesh central bank’s account with the Federal Reserve Bank of New York.US Financial service firms have constantly been under attack ever since. Forbes has reported that US banks have lost $16.8 billion to cybercrime in 2017. Attack on SWIFT alone has cost $1.8 billion to date.
In 2017, Union Bank of India (UBI) successfully prevented a massive cyber-attack which if had gone through estimated losses of $170 million.
Why India needs to be worried about such attacks?
1. It’s hard to recover lost money
The money, in this case, has left the country, a large part of which is understood to have been physically withdrawn from 28 countries. We would need help from respective investigating agencies to track the unidentified hackers and money leading to a very complex operation.
Handing over the criminals and recovering the money will also be a challenge as we have seen with extradition procedures against scammers and willful defaulters with all Indian agencies and law enforcers working together.
2. Stolen Money poses a direct threat to our country.
If the money reaches wrong hands, it could be used to fund terror activities or be used to fund a much bigger cyber-attack.
3. Impact on Customers
Customers run a risk of data breach and also being temporarily locked out of the banking system leading to panic and frustration.
4.Banks lose more than just money.
Apart from the amount siphoned off in the fraudulent transaction, the bank would attract regulatory fines, a large amount to upgrade their IT infrastructure and security. They will also face negative publicity and a decline in trust levels impacting their ability to attract new customers and attract old ones.
Possible solution to cyber attacks
While regulatory and cyber security experts work to come up with a sophisticated solution to address the problem. One possible solution that could be considered Two factor authentication (receiving an OTP as SMS to registered number) for all transactions preventing hackers to get away by just using cloned cards. Big Data Analytics and Artificial Intelligence can also go a long way when it comes to fraud detection.