DailyPost 689


With prophecies of doom the world over & few dastardly acts like the Bank of Bangladesh heist & many Lazarus exploits, the Indian banks remained unresponsive to the frenzy. The expected happened in the most unexpected manner. The quantum of money siphoned off in the breach is the minor part, the nature of it’s planning and meticulous execution will give Sherlock Holmes a run for his money. Might be this one of its kind operation in the banking hacks globally. Rahul K says this is the 5th generation loot where you don’t need arms to loot a bank. This may be the proverbial last straw on the camel’s back for the Indian customers.

This happened in an broadly unknown bank ouside Maharashtra, the Cosmos Bank, a co-operative bank located in Pune, which is over a century old. It was a multi pronged attack to transfer over Rs. 94 Crores over multiple days to foreign bank accounts. Bank Chairman said, “These transactions happened over two hours and 13 mins and spread over 28 countries where cloned cards were used to debit several amounts ranging from $100 to $2,500.” The bank in panic mode has literally shut down all banking operations.

The process of digital defrauding was perfect to the last mile. It was breaching the firewall in servers that authorize ATM transactions. A proxy server was then created and the transactions were authorised by it. In transactional terms the ATMs were releasing money without checking the cards were genuine or whether there was even a bank account. The cloned cards complete the story. It was 12,000 Visa card transactions amounting to Rs. 78 Crores internationally &2849 debit card transactions amounting to Rs. 2.5 Crores nationally.

The probe is on. The fate into the probe of the lakhs of SBI etc debit cards remains unknown. In the present hack SWIFT was also compromised. Outsourced IT Security vendors of doubtful quality cannot ensure Security. Erratic customer / sectoral behavior should throw up alerts/shutdown. Who can provide business logic but for professional bankers? Is Cyber Security Audit in vogue? Does it match the threat?


Sanjay Sahay

Leave a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.

Scroll to Top