Home arrow Archives arrow Economic Highlights arrow Economic Highlights-2016 arrow Cyber Frauds: BANKS INSECURE, ROBBED, By Shivaji Sarkar, 2 Nov, 2016
 
Home
News and Features
INFA Digest
Parliament Spotlight
Dossiers
Publications
Journalism Awards
Archives
RSS
 
 
 
 
 
 
Cyber Frauds: BANKS INSECURE, ROBBED, By Shivaji Sarkar, 2 Nov, 2016 Print E-mail

Economic Highlights

New Delhi, 2 November 2016

Cyber Frauds

BANKS INSECURE, ROBBED

By Shivaji Sarkar

 

The bankers’ recent move to put a check on 3.2 crore credit and debit cards has sent alarm bells ringing across the country. The decision was taken to curb cyber frauds on the banking system.

 

At the same time, the move exposes how insecure the online banking system is. Credit/debit card frauds are rising across the globe and cyber experts say India is one of the most vulnerable countries. The system does not have the exact numbers of victims but it definitely would run into millions. This would include the elite class, journalists, lawyers, senior officials, students and who not.

 

In fact, mobile banking is stated to be more vulnerable. Another easy and novel method to defraud is to call up people largely in the name of a private bank, ICICI, and say that they want to transfer some amount to their cards. In the name of verifying card numbers they seek all the vital data and people have later found out that money has been swindled away from their accounts. Interestingly, the phone numbers are never accessible after the fraud has been committed. Many such numbers are stated to be based in Maharashtra, though the police say these are linked to an international network and “difficult to trace”.

 

Unfortunately, India is stated to be least prepared to meet it. The police are reluctant to register FIRs saying the card holders themselves are responsible as they share card details. The banks have shown their laxity in giving large loans that have added up to over Rs 10 lakh crore NPAs and now lack of steps to check cyber frauds may shatter trust in the system. Banks are fully liable to any loss to the customer and these must compensate them.

 

While banks like ICICI and others have failed to realise the bad loans, they have now started penalising the card holders for extreme trivialities such as delay in payment by a day or two. But when they keep excess amount for over 40 days, they do not pay the card holders a penny. In many cases the banks are acting irresponsibly—their customer care numbers are difficult to access; they don’t give emails for making complaints; their CEOs don’t respond and branches say they don’t have a mechanism to receive complaints!

 

Indeed, it’s very strange that the banking system did not listen to the wake-up call that emanated from the heist of a Bangladeshi bank in February 2016. Cyber thieves attempted to transfer $951 million and successfully transferred $81 million to a bank in the Philippines, never to be traced again. It sent shock waves across the global banking community, both for the amount of money that was swindled and how the heist leveraged the Society for Worldwide Interbank Financial Telecommunication (SWIFT) system, the backbone of international finance.

 

The recent data breach is being probed by National Payment Corporation of India (NPCI), a wing of the RBI. But NPCI seemingly does not have the numbers that has affected the people at large. It says the complaints of fraudulent withdrawals are limited to cards of 19 banks and 641 customers as their ATM linked to the service providers’ switch were compromised.

But there are reports that over 85,000 sites in India have faced external attacks in the past four years or so, related to core government, academic, banking or even science institutions. Importantly, the success of Prime Minister Modi’s Digital India depends on cyber security.

 

The continued adoption of alternate channels such as ATMs, kiosks, internet, mobile, cloud, and social media technologies have increased opportunities for attackers, as also the rising trend towards outsourcing, offshoring, and third-party contracting, which may have further diluted institutional control over IT systems and access points.

 

Cyber criminals have demonstrated their ability to exploit online financial and market systems that interface with the internet automated clearing house (ACH) systems, card payments and market trades. They put a skimmer in an ATM to collect card and personal identification numbers (PIN). Similarly, point of sales terminals (POS) and mobile phone systems are targeted for stealing personally identifiable information (PII). This has compromised millions of cards across the globe.

 

In reality, the bottomline is that as of now digital transactions are neither secure nor secret. Even reports suggest that the Aadhar numbers are compromised and misused.

 

The Chinese National Security Council, with its 1.25 lakh cyber security experts, is stated to be a potential challenge to India’s cyber security, says Cheri McGuire, Vice President, Global Government Affairs and Cyber Security Policy, Symantec Corporation. In contrast, India has a mere 556 cyber security experts.

 

What must be of utmost concern is that if hackers manage to destroy India’s bank data, there would be financial chaos. As per the RBI, India’s banking system is worth $190 billion, ranking it the third largest among the BRICS countries and 15th in the world. A financial disruption wouldn’t allow people to get their money, know whether they had it or if they had made payments. 

 

At stake is India’s US$2.1 trillion GDP, power grids, telecommunication lines, air traffic control, the banking system and all computer-dependent enterprises. Cheri says, the year 2014 saw 317 million malware variants globally or nearly 1 million new malware daily. In India, “We saw targeted attacks in businesses dealing with critical infrastructure particularly in financial sector, communication, transportation – thus underpinning the national security and economy. Among these attacks, 60 per cent were on large enterprises”.

 

Some Indian experts say that cyber system within the country is secure but SWIFT and other international gateways have problems. Money in the modern world is just an entry on a computer rather than gold and hard currency. According to a rough estimate, every year India is subjected to $4 billion loss due to cyber attacks, a majority of which is stated to originate from China.

 

Cyber security is less debated, sporadically written about, and rumoured at best in India. Because of this apathy and despite India’s grand stature in the cyber world, India is vulnerable to the cyber snarls.

 

The Government needs to restrict individual account/card holders, the most vulnerable, from dealing in cyber transactions for 90 days. Large houses should be asked to transact through banks. During this time a foolproof system should be created. Prevention is better than cure despite some jerks in the system.—INFA

 

(Copyright, India News and Feature Alliance)

< Previous   Next >
[ Back ]
 
   
     
 
 
  Mambo powered by Best-IT