Search This Blog

Showing posts with label Bank Cyber Security. Show all posts

Customers of Private Sector Banks Facing Problems in Net and Mobile Banking




Customers of several private sectors and well-known banks complained regarding encountering many issues in net and mobile banking in the course of the last few days, those of HDFC Bank, Kotak Mahindra Bank, and YES Bank are comprehended to have been most influenced by these 'outages'.

The issue, which made its appearance on the 1st of October, is by all accounts has been halfway settled, however numerous customers kept on facing certain issues while signing in to their accounts through the Internet and other apps.

While bank executives note that a mix of the festive season and the beginning of the month when salaries are credited just as some IT issue may have been the other reasons to have expanded the heap on servers. Following the restrictions at Punjab and Maharashtra Cooperative Bank, withdrawals had additionally increased after frenzy among certain depositors.

While the HDFC Bank, which is in the middle of a 'festive sale', appears to have briefly withdrawn an extra security feature for logging into net banking. Kotak Mahindra Bank's net banking page shows this message: “Due to high volume, you may experience some delay while accessing Net Banking. We will fix this soon. We regret any inconvenience caused.”

And at the same time, HDFC Bank spokesperson states that “Transactions through both net banking and mobile (app) banking have been very slow at times over the last couple of days, but they are going through. Though there isn’t nothing to be unduly worried about, we regret the inconvenience caused (to our customers)."

Nevertheless, the banks have guaranteed that they're making a decent attempt to resolve the issue and will ensure that the operations mentioned become, to a great extent, standardized at the earliest opportunity.

The Central Bank of Russia will fine banks for weak cyber defense


On September 12, 2019, it became known that the Central Bank has a new punishment for banks for poor cyber defense.  By the end of the year, the Central Bank will launch a new feature for credit institutions, it will be the risk profile on the level of information security.

This indicator, according to Artem Sychev, the first Deputy Director of the Information Security Department of the Bank of Russia, will show the likelihood of problems for the Bank due to non-compliance with cybersecurity standards.

The risk profile will be formed on the basis of four characteristics, including the share of unauthorised card transactions and the bank's readiness to repel an attack. In addition, the risk profile will be taken into account in assessing the economic situation of the bank along with the amount of capital, profitability, liquidity, quality of management, etc.

Depending on the risk profile on the level of cyber security, the Central Bank will give recommendations to banks.

The calculation of the risk profile will allow us to evaluate how the bank’s management responds to emerging cyber threats, the Central Bank added.

A financial institution that receives a low-risk profile will have consequences ranging from enhanced supervision to penalties. Moreover, this will affect the loan terms at the interbank market.

Sychev stressed that the Bank of Russia sees a connection between the way the Bank relates to information security issues and its financial stability.

Nobody before in the Russian Federation or in other countries has determined such indicators that help the regulator (the Central Bank) to form an opinion about the situation, whether it achieves the goals of the regulation or not from the point of view of information security,” Sychev explained.

It is worth noting that on September 12, the Bank of Russia recorded a “rather serious” cyber attack on Russian banks from Brazil, said Artem Sychev.

According to him, it was a BIN-attack, in which bank card numbers are generated using a special program.

Sychev noted that the direct interaction of each of the attacked banks separately with the representative of Brazil did not give results. The attacks stopped only after the interaction of the Central Bank with the Brazilian regulator.

Sberbank helped one of the largest US banks to prevent a cyber attack


In July, Sberbank helped one of the largest US banks to prevent a cyberattack and avoid damage of several million dollars. Deputy Chairman of the Board of Sberbank Stanislav Kuznetsov announced this at the Eastern Economic Forum.

"At the end of July, our cyber defence center recorded an attack on one of the largest American banks. We informed the Bank, informed the relevant departments of payment systems to prevent the withdrawal of funds. At least several million dollars were saved," he said.

At the same time, Kuznetsov refused to tell which Bank was exposed to attack.

Kuznetsov shared the details of the cyberattack scheme. According to him, the fraudsters managed to hack one of the acquiring terminals and conduct a large number of operations. In the United States, PIN verification of transactions up to $130 is not required. As a result, at one moment the resources of several banks were attacked through a large number of operations.

At the same time, he stressed that this is a clear example of the fact that credit institutions should detect such attacks in an automated mode and not allow any actions directed against customers of both Russian and foreign organizations.

In addition, Stanislav Kuznetsov said at the Forum that Sberbank recorded about 2 thousand attacks on its systems in the first half of the year and prevented possible damage from them in the amount of at least 25 billion rubles.

According to him, the Bank noted the growth of social engineering."This is a trend to collect data about a person and corporations, and the second trend - we see that scammers focus on those companies that are poorly protected, and this is small and medium-sized businesses," he noted.

At the end of his speech, Kuznetsov said that North Korea's attacks on Russian banks are a myth, the threat to Russian resources comes "from another direction".

It is worth noting that this is the Fifth Eastern Economic Forum, held in Vladivostok on September 4-6.