“While both public and private sectors face cyber security challenges, the public sector tends to be more exposed to the threats in an ever-evolving landscape,” consultancy major KPMG said in a recent report. A Palo Alto study last year said that 67 per cent of Indian government and critical public sector installations had a 50 per cent increase in cyber attacks
It is no exaggeration. From the country’s premier medical institution—the All India Institute of Medical Sciences (AIIMS) came under not one, but two malware attacks over the course of one year—to premier banks losing money, India, and particularly its public sector, remain vulnerable to cyber crimes in what is one of the top five cyber attacked countries in the world.
ALSO READ | India's defence, other govt departments fell prey to cyber attacks in 2024, Telegram a hotbed: Report
“India’s public sector is the Achilles’ heel of our national cyber security,” said Trishneet Arora, founder and CEO of the cyber security company TAC Securities. “The absence of an actionable risk management system and outdated infrastructure leave critical systems vulnerable to cyber threats.”
Banks, including public sector banks, are a particularly high-value target. According to data, there were 248 successful breaches of Indian banks by cyber attackers in the four year period between 2018 and 2022, primarily card information leakage and theft. However, in a serious incident in November last year, UCO Bank had reported erroneous crediting of more than 800 crore rupees via IMPS. The bank later managed to recover nearly 80 per cent of the amount through actions like freezing accounts.
After a cyber security and information technology examination, or CSITE, identified vulnerabilities in certain Indian banks, the Reserve Bank of India (RBI) had in March this year cautioned banks to adopt cyber security measures. RBI’s deputy governor T. Rabi Sankar, speaking at a banking conference in February, had called on banks to upgrade their encryption systems to counter artificial intelligence (AI)-spawned attacks.
RBI has also instituted a dedicated Cyber Security Framework for Scheduled Commercial Banks.
For India’s public sector undertakings (PSU), the problems stem from “legacy systems, staff training, bureaucratic complexities, relying on third parties, difficulties in continuous monitoring and real-time threat detection (and) cultural resistance to change, scarcity of specialised cyber security personnel...(all) leaving these institutions vulnerable to evolving cyber risks,” according to Ruchin Kumar, vice president (South Asia) of Futurex, a US-based cyber security company.
So what can be done? Modernising IT infra and complying to cyber security regulations would be a no-brainer, but many PSUs still don’t allocate enough budget, or specialised personnel, for this. “Furthermore, strengthening third-party and supply chain security, promoting inter-agency collab and enhancing threat detection capabilities are vital components of this approach,” added Ruchin Kumar. With cyber threats always evolving, it is imperative that PSUs invest in continuous monitoring tools and stay updated. They also need to enhance security by following government updates, including encryption and tokenisation to protect sensitive data, as well as deploying hardware security modules (HSMs) to manage and protect cryptographic keys.
ALSO READ | 'Data breach, ransomware threats amount to cyberattack on India, not trolling Prime Minister or LoP online'
The situation is even more critical for public sector banks, as they deal in millions of financial transactions daily. “Cyber criminals obtain data from social networks and are also learning new technologies to make cyber attacks,” pointed out Rajendra K. Sinha, professor and chairperson, Centre of Excellence in Banking, JAGSoM. “Further, they use methods that are not easily detected by endpoint protection code.”
So what can the hapless ordinary citizen who is a bank customer do? Sinha has some tips in addition to training and awareness of bank staff and customers. “Precautionary measures include changing passwords regularly with strong password, removing personal information from social media, and not opening emails from an unknown source.”
