Businessman taking pile of money, Indian Rupee banknotes, on his desk in a dark office

Image copyright
Getty Images

A recent cyber-attack on a nuclear power plant has sparked a debate on the country’s ability to protect itself in a cyber-war. But experts say Indians should be more worried about the vulnerability of its financial systems. The BBC’s Ayeshea Perera finds out more.

News that India’s biggest nuclear plant – the Kudankulam facility in the southern state of Tamil Nadu – had been subject to a cyber-attack made headlines across the country last month.

It sparked conversations about whether the country was “cyber-ready” and many questioned whether it would be able defend critical infrastructure from malicious digital attacks.

But there is a much bigger issue that affects millions of Indians – debit card hacks and other forms of financial fraud.

Just last month, India’s central bank asked banks to investigate a warning by the Singapore-based cyber-security firm Group-IB that the details of 1.2m debit cards were available online.

And last year hackers were able to siphon off 900m rupees ($12m; GBP9.7m) from Cosmos bank in the western city of Pune through a malware attack on one of its data suppliers.

Why is India so vulnerable?

“India’s financial systems are extremely vulnerable, because we still rely on international banking networks like Swift to make transactions. International gateways are open vectors of attack for India,” Arun Sukumar, head of the cyber initiative at the Observer Research Foundation think tank, told the BBC.

And a report by cyber-security company Symantec said India was among the top three countries in the world for phishing and malware attacks.

Image copyright
Getty Images

Although this comes down to the sheer size of India’s digital population – the population of France is added every month to the country’s internet – it is a big concern because many first-time internet users are being pushed to use digital payments.

In November 2016, for instance, when the government suddenly removed 80% of the country’s cash from the economy by saying that 1,000 and 500 rupee notes would no longer be valid, Prime Minister Narendra Modi heavily promoted digital payments as an alternative.

Mobile payment platforms – both indigenous (Paytm) and international (Google) – have since become a massive industry in India. A report by Credit-Suisse estimated that mobile payments in India would become a $1tn market by 2023. Credit and debit card payments are also popular, with an estimated 900m cards operational in India today.

“Many of the newest entrants to India’s internet – more than half the 600 million-odd total users – are from the middle or bottom of the pyramid. This means that very often, their digital literacy is low, or they are migrant labourers working in states where they are not familiar with the language. So they are very vulnerable to fraud,” technology expert Prasanto Roy told the BBC.

“And secondly, there is inadequate reporting of fraud by banks, which means sometimes consumers are not even aware of what has happened.”

What kind of fraud is happening?

Financial fraud in India takes many different forms. Some involve hackers fixing skimmers and keyboard cameras to ATMs, which duplicate the card details of unsuspecting users. Others involve calling people up and tricking them into handing over information.

Image copyright
Getty Images

“The problem is that in a digital transaction lines are blurred and confusing. In the real world there is a clear distinction between giving and receiving. But on a mobile payment platform, this is not always clear. For instance, someone trying to sell a table online might be called by someone posing as a prospective buyer, offering to make an online payment,” Mr Roy explained.

“If that person says that he or she has made a payment and tells you that you will get a code via text message to confirm the transaction, many users would think nothing of it, even if they are asked to tell that person the code. The next thing they know is that the money has been deducted from their account.”

What improvements can be made?

One problem is that the systems themselves are not secure or transparent enough. In the Cosmos fraud for instance, the software was not able to throw up red flags when so many transactions were compromised. And by the time the fraud was discovered, a huge sum of money had been lost.

Furthermore, a lack of standardisation also makes transactions confusing, especially for first-time users. ATMs for instance, come in many different forms and each payment app in the country has a different interface.

Secondly, Mr Sukumar points out that there is also a human problem. People lack even basic awareness of the dangers, leaving both themselves and sometimes entire systems at risk.

Image copyright
Getty Images

“The humans behind the keyboards also need to be very careful. The virus which affected the Kudankulam nuclear plant was apparently introduced by a staff member who plugged a USB drive into one of the computers there, which then compromised the entire plant. This could be the same of bank staff or other financial institutions,” he said.

What is the government’s role?

Mr Roy says it is for the government and institutions to provide security in financial transactions – not the end user.

“Given the rate of India’s internet growth, it is not possible to rely on just education alone. It’s not possible for everyone to keep up with the sophisticated methods of hackers, especially when they are constantly changing tactics and methods. So the onus has to be on regulators and payment firms to protect users,” he said.

The other problem is that communication between the various cyber-security organisations is just not fast enough.

The Computer Emergency Response Team (Cert), who are the frontline defenders of India’s digital infrastructure, are sometimes too slow to respond to reported threats.

But India is already aware of this. The country is formulating a national cyber-security policy for 2020 and officials have identified six critical areas where policy needs to be where special attention is needed. Finance security is one of these areas.

Ideally, says Mr Roy, the Certs being planned for the six critical areas should communicate with each other, with oversight from a coordinator.

It is only then that India will be able to effectively respond to the risks that come with moving to a largely cashless economy.

0 comments

You must be logged in to post a comment.

  • Razmatraju prodaju najpoznatijeg irskog pivskog brenda
    on 25/01/2025 at 09:55

    Multinacionalna kompanija za proizvodnju i distribuciju pića "Diaego" razmatra da unovči sve veću potražnju za čuvenim brendom piva "Guinness" putem prodaje ili ponude akcija na berzi, objavio je Bloomberg.

  • Ponovo uskopartijski interesi u odluci o imenovanju Savjeta AMU-a
    on 25/01/2025 at 09:34

    Povodom odluke predsjednika Skupštine Andrije Mandića da povuče prije više od mjesec dana objavljeni Javni poziv za imenovanje članova Savjeta Agencije za audiovizuelne medijske usluge, reagovao je šef poslaničkog kluba SD-a Boris Mugoša ističući da ovaj potez pokazuje da većinu ne interesuju EU integracije.

  • Izrael zahtijeva da UNRWA napusti Jerusalim do 30. januara
    on 25/01/2025 at 09:16

    Agencija Ujedinjenih nacija za pomoć palestinskim izbjeglicama (UNRWA) mora da "prekine svoje djelovanje u Jerusalimu i da evakuiše sve prostorije u kojima djeluje u tom gradu" do 30. januara, poručio je pismom izraelski predstavnik pri UN-u generalnom sekretaru UN-a Antoniju Guterešu.

  • Boljević: Podsticati dobročinstva, to društvo čini zdravim i sigurnim
    on 25/01/2025 at 08:58

    Fond za aktivno građanstvo (fAKT) sinoć je po 16. put uručio godišnje nagrade i priznanja za filantropiju "Iskra". U „Zetskom domu“ na Cetinju uručene su četiri nagrade i osam specijalnih priznanja pojedincima, predstavnicima kompanija i udruženjima.

  • Potvrđena nominacija Pita Hegseta za državnog sekretara odbrane
    on 25/01/2025 at 08:35

    Američki Senat potvrdio je noćas nominaciji Pita Hegseta za državnog sekretara odbrane, u tijesnom glasanju, odbacujući pitanja o njegovim kvalifikacijama za vođenje Pentagona usred navoda o sklonosti piću i agresivnom ponašanju prema ženama.

  • Savjet za vladavinu prava: Precizno definisati rokove za sprovođenje reformi
    on 25/01/2025 at 08:15

    Snažnija podrška sudstvu, jačanje kapaciteta Specijalnog državnog tužilaštva (SDT), Specijalnog policijskog odjeljenja (SPO), kao i Agencije za sprječavanje korupcije (ASK), te osnaživanje radnih grupa za pregovaračka poglavlja 23 i 24, uz precizno definisanje rokova za sprovođenje reformi iz evropske agende, doprinijeće ispunjavanju uslova za članstvo Crne Gore u EU do 2028. godine, poruka je konstitutivne sjednice Savjeta za vladavinu prava.

  • Zbog Budve moguća blokada Glavnog grada
    on 25/01/2025 at 08:08

    Demokratska partija socijalista (DPS) blokiraće rad Skupštine Glavnog grada ukoliko ne bude održana sjednica Skupštine Opštine Budva, saopštio je za "Dan" šef kluba odbornika DPS-a Andrija Klikovac.

  • Optužni predlog besmislen, pokušaj diskreditacije članova Savjeta RTCG
    on 25/01/2025 at 08:00

    U potpunosti sam saglasan i djelim mišljenje sa uvaženim kolegom Vladanom Bojićem da nema mjesta za bilo kakve opužbe protiv predsjednika i četiri člana Savjeta Radio Televizije Crne Gore, zbog imenovanja generalnog direktora Borisa Raonića, saopštio je za Portal RTCG advokat Miloš Vukčević. 

  • Policija zaustavila traktore u Rumenci, studenti i građani došli da ih podrže
    on 25/01/2025 at 07:51

    Policija i Žandarmerija jutros su u Rumenci, na mostu na kanalu Dunav-Tisa-Dunav, zaustavili veliki broj traktora koji su iz Kisača krenuli u Novi Sad, kako bi, nakon što je juče ponovo jedna djevojka na protestu udarena kolima, kako su najavili, zaštitili studente. Studenti koji blokiraju fakultete Univerziteta u Novom Sadu, kao i građani, došli su da ih podrže.

  • Danas novi protest studenata
    on 25/01/2025 at 07:40

    Novi protest, koji neformalna grupa studenata “Kamo Śutra?” organizuje povodom tragedije na Cetinju, biće održan danas. Kako je najavljeno nakon skupa ispred zgrade Ministarstva unutrašnjih poslova (MUP) koji će početi u 19.30 sati, predviđena je protestna šetnja do Skupštine Crne Gore.

  • Rast indeksa i prometa
    on 25/01/2025 at 14:50

    Neznatan rast indeksa i značajan skok prometa obilježili su na Montenegroberzi sedmicu u kojoj ponovo nije usvojen Predlog zakona o budžetu za ovu godinu, iako je bio na dnevnom redu sjednice Skupštine.

  • Na prodaji imovina "Vektre Jakić"
    on 25/01/2025 at 10:46

    Stečajna uprava kompanije "Vektra Jakić" raspisala je oglas za prodaju dijela imovine tog preduzeća, po ukupnoj početnoj cijeni od 424,6 hiljada eura.

  • Zbog magle otkazano više letova na podgoričkom aerodromu
    on 24/01/2025 at 22:33

    Tri dolazna i dva odlazna leta sa podgoričkog aerodroma otkazana su večeras usljed velike magle.

  • Hitno usvojiti budžet i odluku o zaduživanju, na naplatu stiže 500 miliona eura
    on 24/01/2025 at 19:03

    Ukoliko Skupština ne usvoji budžet i odluku o zaduživanju, veliki problem nastao bi krajem marta pošto ni mandatorni troškovi neće moći da se isplaćuju jer rata od 500 miliona starih kredita dospijeva na naplatu već prvog dana aprila, kazao je ministar finansija Novica Vukoviću emisiji "Okvir", na TVCG . Penzioneri će dvadesetog febrauara primiti uvećane penzije, bez obzira na to da li će budžet biti usvojen , kazao je Vuković.

  • CBCG upozorava na lažne ponude kreditnih institucija bez licence
    on 24/01/2025 at 15:19

    Centralna banka Crne Gore upozorila je da su se u javnosti pojavile lažne informacije i ponude, kojima se na osnovu navodnog ugovora o saradnji između "Loan Link" i CBCG omogućava davanje online kredita u Crnoj Gori.

  • Štajner izrazio zainteresovanost za učešće u trenutnim projektima rudarstva i energetike
    on 24/01/2025 at 13:19

    Ministar rudarstva, nafte i gasa Admir Šahmanović sastao se danas sa ambasadorom Republike Austrije u Crnoj Gori Kristijanom Štajnerom koji je glasio zainteresovanost za učešće u trenutnim projektima rudarstva i energetike i istakao mogućnosti saradnje, posebno u pogledu tehničke ekspertize.

  • Aktivne fišing kampanje koje ciljaju korisnike CKB banke
    on 23/01/2025 at 16:57

    Nacionalni centar za odgovor na računarsko-bezbjednosne incidente (CIRT) upozorio je da je aktivna fišing kampanja koja je usmjerena na korisnike Crnogorske komercijalne banke (CKB). U pitanju je obavještenje koje stiže elektronskom poštom i koje izgleda kao zvanična informacija banke, koja od korisnika traži da „verifikuju svoj račun“.

  • Usaglašavanje domaće regulative sa tekovinom EU u fokusu
    on 23/01/2025 at 16:15

    Centralna banka (CBCG) i Vlada imaju dobru saradnju i posvećene su ključnom cilju - članstvu Crne Gore u Evropskoj uniji (EU), ocijenile su guvernerka vrhovne monetarne institucije Irena Radović i ministarka evropskih poslova Maida Gorčević.

  • Prijave za posjete privrednika međunarodnim sajmovima u Njemačkoj do 31. januara
    on 23/01/2025 at 13:12

    Privredna komora (PKCG) pozvala je zainteresovane privrednike da se do 31. januara prijave za posjetu međunarodnim sajmovima u Hanoveru i Dizeldorfu, na kojima će imati priliku da se upoznaju sa novim trendovima i pronađu nove poslovne partnere.

  • Neusvajanje budžeta stvara posljedice i za Agrobudžet
    on 23/01/2025 at 12:23

    Neusvajanje državnog budžeta znači neusvajanje i Agrobudžeta i ogromne posljedice, i to na poljoprivredne proizvođače, podsticaje države a dovela bi se u pitanje i isplata staračkih naknada, kazao je ministar poljoprivrede, šumarstva i vodoprivrede Vladimir Joković.