Ransomware attack disrupts services at 300 small Indian banks, tech providers

A ransomware attack on C-Edge Technologies, a Mumbai-based banking technology provider for small banks in India, has reportedly led to a temporary halt in payment services across nearly 300 local banks. The National Payments Corporation of India (NPCI), through its X handle, on Wednesday said that it temporarily shut down the digital retail payment systems at nearly 300 cooperative and regional rural banks.

“To prevent a larger impact on the payment ecosystem, NPCI has temporarily isolated C-Edge Technologies from accessing the retail payment systems operated by NPCI,” read the advisory issued by the National Payments Corporation of India.

“Customers of banks serviced by C-Edge will not be able to access payment systems during the period of isolation,” the statement added.

The attack reportedly occurred on July 29, 2024, but it wasn't until July 31 that the National Payments Corporation of India confirmed the incident.

"Restoration work is underway on a war footing in collaboration with C-Edge Technologies, and a necessary security review is in progress,” the statement issued by the NPCI said.

Online retail transactions, including UPI, RTGS, IMPS, and AePS (Aadhaar-enabled payment system), are expected to be affected. While money got deducted from the sender's account, the amount did not get credited to the receiver's account, a statement by Dilipbhai Sanghani, Chairman of Amreli District Central Cooperative Bank from PTI revealed.

There are almost 1,500 cooperative and regional banks in the country which mainly cater to customers in rural and non-metropolitan areas. Reportedly, close to 300 of these small and local banks have been affected by the recent ransomware attack. However, since they cater to a limited customer base, the attack has allegedly impacted only about 0.5% of the country's total payment system volumes.

In its recent ‘Report on Currency and Finance’, the RBI revealed that only 0.15% of small public banks prioritise cybersecurity. It also noted that frauds are more prevalent in semi-urban areas than in metropolitan ones. Although the central bank has not commented on the attack, it, along with other cybersecurity authorities, had warned banks about potential cyberattacks in the coming weeks.