An audit report of security breach at Hitachi, an ATM provider, spills bad news for banks. It says the devices that are installed to protect systems from malware and viruses are no match to the targeted cyber security attacks.
Remember the time when banks sent out messages asking its customers to change their passwords or even change their cards. It took us all both by surprise and shock. Banks were on high alert after there was a security breach at Hitachi, an ATM provider. But, a new development in this issue is even more disturbing.
After the cyber-attack, Hitachi had hired a Bengaluru-based company to investigate the whole issue and the audit report spills bad news for the banks and the corporates. As per the report, devices that are installed to protect systems from malware and viruses are no match to the targeted cyber security attacks, reports Economic Times.
What does the audit report say?
The forensic team investigating the matter said the hackers used a sophisticated software code that can be used to breach many anti-malware walls. Surprised by the cleverly written code, the inspecting team said the hackers created a ‘dummy code book’ within the Hitachi system-capturing all possible four-digit numbers from 0000 to 9999— to steal the PINs (personal identification numbers) of customers as and when they used their cards to withdraw money from ATMs of a private bank in India.
When did the breach happen?
The watershed moment in the Indian cybersecurity space occurred sometime from late May to end July of 2016. However, the matter came to light in October when payment providers like Master-Card, Visa tipped off the banks about the breach. After the alert, the banks started taking corrective measures.
How many banks were in the eye of the storm?
Major listed banks like ICICI Bank, HDFC Bank, Axis Bank, SBI and Yes Bank alerted their customers and took immediate actions to resolve the problem. The machines that were infected were quarantined and the banks had also announced issue of new debit cards.