Axis Bank, the third largest private sector leader in India, received an unexpected phone call one month ago. It turns out the caller was one of the engineers at Kaspersky Lab, who revealed the names of several Axis computers that had been breached.
Axis Bank confirmed the data security breach and found out that an unknown offshore hacker is to blame for it. According to them, they have already filed a report with RBI. Apart from that, they have also hired the audit and advisory firm EY to handle the investigation.
Currently, there are no reports of any fraudulent transfers, and the extent of the damage and/or data loss still remains unknown.
The bank’s spokesperson explained that they often receive security threats from all over the world. In order to combat this, they have several security protocols in place, as well as an in-house team of security experts. The spokesman explained there has been no monetary loss.
In cyber terms, a malware creeping into the bank’s servers is often referred to as “lateral movement”. Such a virus can pose an advanced persistent threat.
RBI has advised the bank to monitor the funds resting in the nostro accounts and constantly compare outward messages with the SWIFT confirmations.
Such attacks, including the distributed denial of service attacks (DDoS), have become quite a common sight in the recent times. Most of the time, the Indian banks tend to resolve these kinds of issues internally without informing the regulator.