Search This Blog

Popular Posts

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Indian Banks. Show all posts
Public Sector Banks
AI Threat Cyber Security Indian Banks Public Sector Banks

Indian Banks Step Up IT Spending Over AI Security Fears

 

Public sector banks are preparing to spend more on technology because a new wave of AI-driven cyber risk is making their existing systems look vulnerable. The main concern is Anthropic’s Claude Mythos, which has raised alarms for its ability to identify software weaknesses and potentially help attackers exploit them. 

Indian banks are being pushed to treat IT spending as a survival need, not just an operating cost. Senior bank executives have said they will raise budgets this financial year, with a large share going into cybersecurity, stronger defenses, and monitoring tools to reduce exposure to attacks. 

The issue is especially serious because banks depend on legacy systems that run critical operations in real time. One successful breach can ripple across payments, forex, clearing, depositories, and other linked financial networks, making the whole sector more exposed than a single institution might appear on its own.

The concern grew after Anthropic’s tests suggested Mythos could perform advanced cybersecurity and hacking-related tasks at a level that outpaced humans in some cases. Reports also noted that the model found thousands of high-severity vulnerabilities, which made regulators and bank leaders worry that similar tools could shorten the time between discovering a flaw and weaponizing it. 

In response, the government formed a panel under SBI Chairman C S Setty to study the risks and recommend safeguards. Finance Minister Nirmala Sitharaman has also urged banks to take pre-emptive measures, while institutions are expected to coordinate in the coming weeks to identify weak points and decide where additional investment is needed.
Read more »
Threat Landscape
Cyber Crime Financial Fraud India Indian Banks MHA Threat Landscape

Indian Banks Mull New Move for Faster Freezing of Scammers’ Accounts

 

Indian banks have proposed integrating their systems with the National Cybercrime Reporting Portal (NCRP), a division of the ministry of home affairs, which could enable a quicker freeze on fraudulent accounts in the wake of a cyberattack. 

This is intended to prevent those who commit cybercrimes and phishing attacks from swiftly transferring funds from a target's bank account to accounts with various banks before it is withdrawn or spent. This is a tactic employed by voice phishers and cyber shysters to make it more difficult for banks and law enforcement to recover the funds. 

“Banks, in consultation with cybercrime experts, have recommended API integration with the NCRP to reduce the average response time and quick updation of cases. So, the idea is to mark a lien and freeze a bank account automatically without manual intervention,” noted a banker. “An industry sub-group has suggested this to I4C,” said the person. 

I4C, or the Indian Cybercrime Coordination Centre, is an MHA programme that focuses on combating cybercrime and enhancing coordination between law enforcement agencies (LEAs) and institutions such as banks. NCRP is a vertical under I4C.

API, or 'application programming interface', enables two applications or systems to interact with one another without the need for human intervention. If there is an API between a system with specific data and another system that requires reporting, the two can communicate without the need for manual data entry. In the event of a cybercrime, such as a hacked internet banking account, API integration would allow for the quick transmission of fraud information to a central system or other banks. 

“Typically, money from the account where the fraud happens is moved to accounts with several banks. There is a far better chance of retrieving the amount if the information is available with the entire industry instantaneously. The time spent by Bank A awaiting an instruction from a LEA, then sending emails to bank B, C and D, or calling them up, to request a lien on the accounts where funds have gone, can be saved,” noted another banker.

The group has also advised that data on accounts identified as lien and freeze be made available to banks on a regular basis so that they can reconcile their records. 

In this respect, it has been observed that I4C may share a broad standard operating procedure directing banks to place bank accounts on hold, freeze or de-freeze them, and release funds to victims' bank accounts in cases reported to NCRP. Furthermore, it is believed that the nodal organisation should establish guidelines for communicating 'negative account or KYC details' so that accounts are not opened with the same demographics or KYC details as other banks.
Read more »
Subscribe to: Posts (Atom)