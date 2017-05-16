In the wake of global ransomware cyber attack, most banks are monitoring transactions, updating old software, strengthening firewalls and network controls. Banks have also asked employees to exercise caution while browse websites, including Gmail and Facebook, while implementing other precautionary measures to avoid future malware attacks.

Amid growing digital transactions and online banking, financial institutions are becoming more vulnerable to cyber attacks.

A senior government bank official said, "We are asking banks to limit usage of Gmail or social media websites and maintain extra caution to open unknown links."

A hacker group used WannaCry ransomware to infect more than 200,000 computers in over 150 countries and has already garnered around USD 64,000 (Rs 41 lakh) through payments people have made to unlock their computers.

A ransomware is a malware that typically logs users out of their own systems and asks them to pay a ransom if they want to get the key to the locked or inaccessible data.

“While this has happened in some parts of India as well, it is always better to assume to prepare for the worst. All organisations including banks have started reading the advisories and done the patching activities over the weekend and 90 percent of the banks are through with the patching exercise. Nothing drastic has happened but we will have to wait and watch. One public sector bank had approached us and we are working with them,” said Kartik Shinde, Partner, Advisory Services, EY.

Apart from National Payments Corporation of India (NPCI) and Indian Banks' Association, EY is also trying to come up with advisories that list the factors which could be exploited and how can banks be prepared to avoid them.

Indian banks are setting up more firewalls, getting antivirus updates and additional controls like network access controls which detects the end point of the device which does not have a patch and restricts internet connection. They are also monitoring all transactions at ATMs and other digital channels.

“This is definitely a wake-up call for banks to take extra measures. While Windows XP is more vulnerable, other operating systems also can face threat. Controls such as white listing, hard disk encryption and windows and BIOS password are being done,” said Radha Rama Dorai, Country Head - ATM and allied services, FIS, a financial software and business solutions firm.

Higher licensing costs have led to some banks not updating their software for non-pivotal functions and remote locations.

Last year, in a separate attack, about 32 lakh debit cards were compromised between May and July after a malware was injected in the systems of Hitachi Payment Services Pvt Ltd attacking about 90 ATMs.