RBI alerts banks on heightened cyber security threats, gives action plan to address vulnerabilities, says report

The Reserve Bank of India (RBI) has cautioned some banks, urging them to fortify their defences against potential cyber attacks, as per a Moneycontrol report citing industry sources.

The warnings, issued to select banks, follow the central bank’s recent Cyber Security and Information Technology Examination (CSITE), wherein action points were provided to address identified vulnerabilities, the report added.

Distinct from routine risk assessments, the CSITE, scrutinises banks’ disaster management readiness, internet and mobile banking platforms, and fraud detection mechanisms. It serves as an independent review, initiated several years ago, to bolster cyber security surveillance.

“The RBI conducts a separate inspection to identify deficiencies in the cyber security capabilities of banks. This time, they met us and have given a list of action points where deficiencies need to be addressed,” one source told the publication. The RBI did not respond to repeated requests for inspection findings and ongoing evaluations, the report added.

RBI Deputy Governor T Rabi Sankar had in February stressed the need for the banking sector to brace itself for evolving cyber threats. Speaking at the 19th Banking Technology Conference in Mumbai on February 9, Sankar said banks must revamp their encrypted systems to counter artificial intelligence (AI) abuses.

Moreover, in response to the UCO Bank incident last year, wherein erroneous credits totalled ₹820 crore, the Finance Ministry directed state-run banks to review their digital operations’ robustness. On November 15, 2023, UCO Bank said that it faced some technical issues due to which some accounts received erroneous credits totalling ₹820 crore via Immediate Payment Service (IMPS).

“It is clarified that the transactions observed by the bank were due to internal technical issues as a result of which account holders of our bank have received some erroneous via IMPS. We wish to clarify that there was no issue with the IMPS platform,” it had said.
A day later on November 16, UCO Bank said it had recovered ₹649 crore or 79 percent of the ₹820 crore, by taking various proactive steps, such as blocking the recipients’ accounts.

Previous articleLawmakers propose a new federal office to regulate workplace surveillance tech
Next articleFrance asks 46 countries for help with Paris Olympics security