Mounds Of Financial Sector Data Calls For Cyber Security ‘Enlightenment’

Mounds Of Financial Sector Data Calls For Cyber Security ‘Enlightenment’

SUMMARY

With rising disposable incomes, more and more Indians are accessing banking, insurance and mutual funds, among others

According to the latest RBI report, card and internet frauds, more than doubled to INR 195 crore in 2019-20 from the previous year

This year, Religare has reported having faced data leakage of 5 Mn customers and employees

Notwithstanding the recent headwinds from Covid-19, India’s largely consistent economic growth for more than a decade has precipitated an unprecedented expansion of financial services in the country. With rising disposable incomes, more and more Indians are accessing banking, insurance and mutual funds, among others.

The advent and penetration of the internet has much simplified these daily financial tasks. However, in an era of the inter-connected world of devices with cyber technology at its core, lack of awareness as well as the prevalence of ill-designed or inadequate security systems is always a challenge.

With 160 crore bank account holders, 32.8 crore life insurance and 47.2 crore health insurance policyholders, 2.78 crores registered investors with stock exchanges and 9.26 crore mutual fund accounts, India has a mammoth financial sector. The sheer scale generating gigantic volumes of data on a continuous basis renders the sector vulnerable to frauds. As such, a large scale cybersecurity enlightenment drive is the need of the hour.

Recent Data Breaches Illustrate The Risks

Although banks are considered as one of the world’s most secure and sophisticated enterprises, banks are becoming a popular target for new-age hackers. Only last year, the RBI had to direct the banks to secure their customer data after reports of 1.3 million credit and debit card data of Indians found to be on sale on the dark net came out. In another instance back in 2016, 32 lakh debit cards had to be recalled by several banks including State-run SBI on account of data breach.

According to the latest RBI report, card and internet frauds, more than doubled to INR 195 crore in 2019-20 from the previous year. Then last year, Aegon had to investigate a data breach involving 10,000 customers. Then this year, Religare has reported to have faced data leakage of 5 Mn customers and employees.

The Modus Operandi Of A Hacker

In recent times, unscrupulous hackers have evolved ingenious ways using unique and complex arrays of cyber-attacks to get past the ordinary security systems. The hackers are attempting to get hold of sensitive financial information of individuals, either from banking servers or an individual’s personal devices.

Infiltration Of Smartphones

One of the ways of extracting a person’s financial information is by infiltrating his smartphone with malicious applications. When a user wishes to use an app requiring access credentials, a data-theft overlay mimicking the desired app user interface gets displayed tricking the user to think that he is clicking on the genuine app. The unsuspecting user goes on to record the details of his access credentials which now get transferred to the hacker who now also has the app under his control.

Deploying Banking Trojans

Going a step further, hackers also embed these fake applications with banking trojans, such as bank bots’ cabarets pink slips intending to attack banks and stock brokerage firms with an eye on making hacking operations easier. These malware lock users using an Active Directory attack further bolting it up with many login attempts. These bots and trojans are focused on stealing money from the bank accounts.

Phishing

Phishing is another type of attack which involves the hacker sending an email to the victim claiming to be a trusted sender (like a bank or online shop), or by way of setting up fake websites claiming to be genuine. A banking trojan is attached to this email. Once the victim downloads it and opens it, the Trojan activates and steals information.

Retargeting Real Information From Dark Web Using Fake Pages

Another method entails hackers first buying real account information in bulk quantities from the dark web and then retargeting those accounts using phishing emails. In such a phishing email, disguised hackers request victim to follow some simple procedures on a web page, which has been deliberately set up by hackers for stealing login information and other important credentials.

Macro Malware

Hackers also employ what is known as macro malware which is developed using programs like VB Script programming language used for MS-Word and MS-Excel. Legitimate-looking files are usually sent via phishing email which comprises of malware-infected attachments such as CV by job seekers and cover letter reports in the form of MS Word files. Even as several advanced antivirus programs claim to detect macro viruses, hackers are trying to stay ahead of the game. Now, malware can comfortably hide within a system for a long time that gives hackers ample time to infect the system of users.

What Is The Way Out?

First, financial institutions must identify micro malware during the initial phase itself with a view to pre-emptively block it. And for individuals, to protect your information and make India’s financial sector secure, some tips are as follows: never open or download any attachments on your device without knowing the context, Invest in a genuine and licensed antivirus software on all your devices, never click suspicious links within an email that claims to contain genuine intimation and abstain from sharing your personal details on social media.

Therefore, in order to mitigate financial risks and to rule out any breach, concerted steps are needed at both macro and micro levels. Banks and financial institutions must invest strategically towards improving cybersecurity with a view to protect customers as well as secure the larger financial architecture of the country. More importantly, ordinary users need to be made aware of these risks.

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

Note: The views and opinions expressed are solely those of the author and does not necessarily reflect the views held by Inc42, its creators or employees. Inc42 is not responsible for the accuracy of any of the information supplied by guest bloggers.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Mounds Of Financial Sector Data Calls For Cyber Security ‘Enlightenment’-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Mounds Of Financial Sector Data Calls For Cyber Security ‘Enlightenment’-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Mounds Of Financial Sector Data Calls For Cyber Security ‘Enlightenment’-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Mounds Of Financial Sector Data Calls For Cyber Security ‘Enlightenment’-Inc42 Media
Mounds Of Financial Sector Data Calls For Cyber Security ‘Enlightenment’-Inc42 Media
You’re in Good company