India with its burgeoning millennial population and mobile explosion has adopted ‘Digital’ faster than most economies. This rush to gain market share has come at a price. Indian banks are fully aware of the risks and have technologically equipped themselves.
It is easy to use a credit card in a place like the US, but in India, there is a checkpoint in the form of an OTP (one time password) or another level of validation. As such, Indian banks have been conservative and careful from a process and technology standpoint.
However, what is also true is that malware-related risks, such as the one that has impacted Visa, MasterCard and RuPay cardholders, are very real.
Worldwide 10 New Strains of Malware Come Out Very Second
That essentially means 10 potential new zero-day attacks that have never been seen before and may be completely undetectable.
Considering that more than 80 percent of these malware attacks are delivered through browsers, let’s recognise that there is no such thing as ‘perfect protection’. Even so, there are a few things that Indian banks can do over and above what they are already doing.
One such change is a shift in the mindset from ‘Detect and Respond’ to ‘Predict and Prevent’. Today, we have technology that can do this for browsers by isolating malware threats outside the IT perimeter of a business and thereby ensuring near 100 percent malware-free internet usage within a corporation.
The ‘Predict, Isolate and Prevent’ is becoming a primary premise for security transformation within banks in the US and UK.
Have Similar Breaches Happened In Other Countries?
There have been several such breaches across the world. Two examples of significant breaches include the 2013 breach at the US retailer Target Corp and the SWIFT breach that led to Bangladesh Bank losing over $81 million.
Let’s look at the Target breach first. Though it happened a couple of years ago, it was very significant. The personal and financial information of approximately 110 million people, comprising 11 GB of data, was stolen in a compromise during the Christmas shopping season.
The attack, attributed to a cyber-criminal in Ukraine, was undetected for almost two weeks. It was a malware attack, and at the time, none of the anti-virus solutions in the market would have or did detect the malware.
Read the full story on BloombergQuint.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)