Ransomware Attack Disrupts Payment Systems for Nearly 300 Small Indian Banks

A recent ransomware attack has forced the temporary shutdown of payment systems across nearly 300 small Indian local banks, according to two sources familiar with the situation. The attack targeted C-Edge Technologies, a provider of banking technology systems to small banks throughout India.

The National Payment Corporation of India (NPCI), which oversees payment systems in the country, issued a public advisory late Wednesday announcing that it had "temporarily isolated C-Edge Technologies from accessing the retail payments system operated by NPCI." As a result, customers of banks serviced by C-Edge are currently unable to access payment systems.

To prevent wider impact, regulatory authorities have isolated nearly 300 small banks from the country's broader payment network. One source, an official at a regulatory authority, stated that "Most of these are small banks and only about 0.5% of the country's payment system volumes would be impacted."

The affected institutions are primarily cooperative and regional banks operating outside major cities. India has approximately 1,500 such banks, and a subset of these has been impacted by the attack.

The NPCI is currently conducting an audit to ensure the attack does not spread further. Meanwhile, C-Edge Technologies has not responded to requests for comment on the situation.

This incident comes in the wake of warnings from the Reserve Bank of India (RBI) and Indian cyber authorities to banks about potential cyber attacks in recent weeks, according to banking industry sources.

The attack highlights the growing cybersecurity risks faced by financial institutions, particularly smaller banks that may have less robust security infrastructure. It also underscores the potential for localized attacks to have broader impacts on national payment systems.

As the situation develops, authorities are working to contain the attack and restore normal operations to the affected banks. The incident serves as a stark reminder of the need for continued vigilance and investment in cybersecurity measures across the banking sector.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.