Small Indian banks back online after ransomware attack
A forensic audit firm carried out an extensive security review, concluding that the ransomware attack did not breach the individual systems of the banks but was confined to the systems of C-Edge Technologies.
Nearly 300 small Indian banks that were forced offline by a ransomware attack have resumed operations, according to the National Payments Corporation of India (NPCI). The attack had targeted C-Edge Technologies, a service provider for these banks, affecting about one-fifth of 1,500 cooperative and rural regional banks in India.
To contain the attack, the NPCI had temporarily isolated the affected banks from the country’s retail payments system. A forensic audit confirmed that the attack did not spread to the banks’ systems but was limited to C-Edge’s infrastructure.
The impacted banks can now resume transactions through the United Payments Interface and other NPCI-operated payment systems. The ransomware attack, attributed to a group called RansomEXX, also affected Brontoo Technology Solutions, a key collaborator with C-Edge Technologies.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.