In a significant disruption to the financial ecosystem, around 300 small-sized lenders, including cooperatives and regional rural banks, have been unable to provide payment services due to a ransomware attack on their technology service provider, -Edge Technologies. In a notification issued on Wednesday, the National Payments Corporation of India (NPCI) stated that UPI (Unified Payments Interface), IMPS (Immediate Payment Service), and other retail payment systems of certain banks will not be available to customers temporarily.
What happened to the banks?
C-Edge Technologies is a joint venture between SBI and TCS that provides IT infrastructure and services to several cooperative and regional rural banks across India. NPCI reported that the company’s systems were compromised due to ransomware, a type of cyber attack. To protect the broader payment ecosystem, NPCI swiftly isolated C-Edge from accessing its retail payment systems, preventing any further consequences.
What Is a Ransomware Attack?
Ransomware is malware created by cybercriminals to deny a user or organization access to their files on personal computers. The attackers would encrypt your sensitive files and demand a ransom payment for the decryption key.
These attacks are meted to place organizations in a position where paying the ransom is the easiest and cheapest way to regain access to their files. Many variants add additional threats to the attack such as data theft – to provide further incentive for ransomware victims to pay the ransom.
How will this impact Customers?
Many customers will be affected due to the disruption in financial services caused by this ransome disruption. Key services such as cash withdrawals from ATMs and UPI transactions have been disrupted.
Moreover, all online transactions, including Real-Time Gross Settlement (RTGS) and UPI payments will bear the brunt of this snag.
In some cases, money has been deducted from senders' accounts but has not been credited to the recipients, adding to customer frustrations.
According to a PTI report, National Cooperative Union of India chairman Dileep Sanghani confirmed the scale of the issue. He noted that around 300 banks, including 17 district cooperative banks in Gujarat, have been experiencing problems since July 29. These interruptions have left customers in a lurch, unable to complete their financial transactions.
“All online transactions, such as RTGS and UPI payments, are affected. Money is deducted from the sender's account but does not get credited to the receiver's account," Sanghani, the chairman of Amreli District Central Cooperative Bank, stated.
What is being done?
There has not been any report of financial loss because of the breach, officials have told PTI. However, they also noted that the banks have been facing issues for the last two days after the discovery of a breach of the system at C-Edge.
Currently, restoration works are underway, with C-Edge Technologies and NPCI working on a "war footing" to resolve the issue. The officials have also initiated a necessary security review regarding the same.
“To prevent a larger impact on the payment ecosystem, NPCI has temporarily isolated C-Edge Technologies from accessing the retail payment systems operated by NPCI. Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation,” NPCI stated in its release.
“Necessary precautions starting with isolating the C-Edge system had to be taken to protect the larger payments system,” the officials said.
A senior industry official told PTI that the ransomware found in the system has been isolated, following which a third-party audit was also conducted. “If all goes to plan, the system should be running by Thursday morning or afternoon,” they said.
Though this cyber attack impacts bank accounts for less than 1 per cent of the overall payment system volume in the country, it highlights the critical and sensitive landscape of banking systems that can easily be compromised by cybercriminals. The incident calls for the strengthening of cyber structures to protect customer’s data and their money.
