Rogue ransomware assault targeting C-Edge Technologies, a company that oversees the systems of specific banks, affecting UPI payments
Customers may experience temporary disruptions due to ransomware assault to their access to UPI, IPMS, and other payment systems of specific banks, according to a notice released by the National Payments Corporation of India (NPCI). The reason for this is that ‘Ransomware’ infected the computers of C-Edge Technologies, a bank service provider. “To avoid having a greater effect on the payment, NPCI has blocked C-Edge Technologies’ access to the retail payment systems that NPCI runs for the time being. During the isolation period, customers of C-Edge-serviced banks will not be able to access payment systems, according to a warning posted by NPCI on social media on July 31, 2024, at 6:39 p.m.
C-Edge Technologies Limited is a technological service provider that primarily serves cooperative and regional rural banks, according to the notification published by NPCI. “It has been brought to NPCI’s notice that C-Edge Technologies, a technology service provider who caters mostly to cooperative and regional rural banks, has been possibly impacted by a ransomware attack impacting a few of their systems,” the notice from NPCI stated.
The ‘C-Edge’ software issue, according to National Cooperative Union of India Chairman Dileep Sanghani, affected online transactions of at least 17 district cooperative banks in Gujarat, including the Amreli District Central Cooperative Bank (DCCB). Along with C-Edge Technologies, restoration work is being done on a warfooting basis, and the required security review is being conducted. The NPCI stated in the notice that connectivity to the impacted banks would be restored as soon as possible.
“Banking clients don’t have to worry about these kinds of assaults. The financial system and industry in India are strong and incredibly effective. Banks now have the necessary safeguards and security measures in place to guarantee the protection of the assets and data of their clients. As we’ve seen in this instance as well, the banks took the necessary precautions on time, and the regulatory authorities moved quickly to minimize the attack’s effects,” says Vishal Maru, Head of Global Processing at FSS. The company is a joint venture between Tata Consultancy Services (TCS) and State Bank of India (SBI), according to the C-Edge Technologies website.
On July 26, NPCI was made aware of the ransomware attack. One of the people quoted in the report stated, “The restoration will happen today; it was a cautious move so that the rest of the payment system remains isolated from the fallout of the malware attack.” “C-Edge is also in the process of hiring a forensic auditor to investigate the matter.” Revision effective August 1, 2024 NPCI said in a press statement on August 1, 2024, “NPCI communication with C-Edge Technologies Ltd. has been re-established subsequent to an independent forensic auditing firm’s security examination. The affected systems have been isolated by C-Edge to prevent the ransomware from spreading, according to the investigation. Additionally, the auditor has carried out the required security reviews and scans.
When a victim of a ransomware assault uses malicious software to encrypt files on their computer or network, the files become unreadable until a ransom is paid. Sheetal states that the following are important details regarding ransomware attacks: • Encryption: The files belonging to the victim are encrypted by the malware, rendering them unreadable without the attackers’ decryption key. • Demand for Ransom: Attackers request a ransom, frequently in cryptocurrency, in exchange for the decryption key. • Double and Triple Extortion: In more sophisticated assaults, the assailants would additionally threaten, in double extortion, to reveal the stolen information and, in triple extortion, to use it against the victim’s partners or customers.
Delivery Methods: Malicious websites, phishing emails, and software flaws can all be used to spread ransomware. “Ransomware is a category of malware that gains access to systems and makes them unusable to its legitimate users, either by encrypting different files on targeted systems or locking the system’s screen until a ransom is paid,” reads the July 31, 2024, page of the Indian Computer Emergency Response Team (CERT-IN). In addition, if the ransom is not paid, ransomware attackers threaten to sell or divulge any data they have exfiltrated.” Although there are innumerable varieties of ransomware, according to CERT-IN, they primarily fall into two categories: • Crypto Ransomware encrypts computer files, rendering them unreadable.
Crypto ransomware encrypts computer files, rendering them unreadable. The Locker ransomware prevents users from using common computer features. The overall number of ransomware occurrences reported in 2022 increased by 53% from the previous year, according to the CERT-IN Ransomware Report 2022. “RANSOMWARE_Report_202 2.pdf” (https://www.cert-in.org.in) “The sectors most affected were manufacturing, finance, and IT & ITeS. In order to apply pressure and demand ransom payments, ransomware players targeted critical infrastructure organizations and interrupted vital services. In terms of variants, the most common ones in the Indian setting were Lockbit, DJVU/Stop, and Makop ransomware. In 2022, a lot of new variations, like Vice Society and BlueSky, were noticed.
Additionally, CERT-IN stated in the report that “the availability of backups and images, the degree of infection, the affected applications, and the preparedness of the business continuity all affect the duration of ransomware restoration and recovery.” Even with the availability of secure backups, the time, effort, and expense associated are substantial.”
Also read: Achieving Rapid Outcomes with AI-Driven Cloud Analytics
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
