The National Payments Corporation of India (NPCI) has put out a notice that UPI, IPMS and other payment systems of certain banks will temporarily not be available to customers. This has happened due to systems of C-Edge Technologies, which is a service provider to several banks, being attacked by ‘Ransomware’.
“To prevent a larger impact on the payment ecosystem, NPCI has temporarily isolated C-Edge Technologies from accessing the retail payment systems operated by NPCI. Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation,” said NPCI in a notice on social media dated July 31, 2024, at 6.39 pm.
Which banks are affected by the suspension of payment systems by NPCI
According to NPCI’s notice, C-Edge Technologies Limited is a technology service provider mostly catering to cooperative and regional rural banks. “It has been brought to NPCI’s notice that C-Edge Technologies, a technology service provider who caters mostly to cooperative and regional rural banks, has been possibly impacted by a Ransomware attack impacting a few of their systems,” said NPCI in the notice
“Restoration work is underway on a war footing along with C-Edge Technologies and necessary security review is in process. Connectivity to the affected banks shall be restored at the earliest,” said NPCI in the notice.
According to the C-Edge Technologies website, the company is a joint venture between Tata Consultancy Services (TCS) and the State Bank of India (SBI). (https://cedge.in/about-us/)
What is a ransomware attack?
According to Sheetal R Bhardwaj, executive member of the Association of CertifedFinancial Crime Specialists (ACFCS), "A ransomware attack is a type of cyberattack where malicious software, or malware, encrypts a victim's data or locks them out of their systems. The attackers then demand a ransom payment in exchange for restoring access to the data or systems. Ransomware attacks involve malicious software that encrypts files on a victim's computer or network, rendering them inaccessible until a ransom is paid.
According to Sheetal, here are some key points about ransomware attacks:
Encryption: The malware encrypts the victim's files, making them。inaccessible without a decryption key, which the attackers hold.Ransom Demand: Attackers demand a ransom, often in cryptocurrency, too。 Provide the decryption key.
Double and Triple Extortion: In more advanced attacks, attackers may also threaten to leak stolen data (double extortion) or use the stolen data to attack the victim's customers or partners (triple extortion) if the ransom is not paid.
DeliveryMethods: Ransomware can be delivered through phishing emails, malicious websites, or exploiting vulnerabilities in software.
According to the Indian Computer Emergency Response Team (CERT-IN) website of July 3, 2024, “Ransomware is a category of malware that gains access to systems and makes them unusable to its legitimate users, either by encrypting different files on targeted systems or locking the system's screen unless a ransom is paid. Ransomware actors also threaten to sell or leak any exfiltrated data, if the ransom is not paid.”
CERT-IN states, on its website, that although there are countless strains of ransomware, they mainly fall into two categories: Crypto Ransomware encrypts files on a computer so that they become unusable.
Locker Ransomware blocks standard computer functions from being accessed.
According to the CERT-IN Ransomware Report 2022, Overall, there is a 53% increase in Ransomware incidents reported in the 2022 Year over Year. (https://www.cert.in.org.in/PDF/RANSOMWARE Report_2022.pdf)
“I'T & ITeS was a majorly impacted sector followed by Finance manufacturing, Ransomware players targeted critical infrastructure organisations and disrupted critical services to pressurise and extract ransom payments Variant wise, Lockbit was a majorly seen variant in the Indian context followed by Makop and DJVU/Stop ransomware. Many new variants were observed in 2022 such as Vice Society, BlueSky etc, Leaked ransomware source codes are getting forked to launch new ransomware brands," said CERT-IN in the report.
CERT-IN also said in the report that “Ransomware restoration & recovery time is dependent upon multiple factors like level of infection, affected applications, availability of backups &images, and Business Continuity preparedness. Time, effort and cost involved are very significant even with the availability of safe backups.
-
Double blow of pollution with rising mercury! How to get rid of respiratory disease and skin allergy? Expert advice
-
On Mother’s Day, give your mother these unique gifts of good health, which she might not have thought of!
-
How to keep basil healthy with banana peel
-
SIT filed charge sheet in the court in the case of attack on Farooq Abdullah, made many big revelations
-
Mango Sandwich Recipe: Make this quick and creamy mango sandwich in summer, note the method
