Small Indian banks back online after ransomware attack
A forensic audit firm carried out an extensive security review, concluding that the ransomware attack did not breach the individual systems of the banks but was confined to the systems of C-Edge Technologies.
Nearly 300 small Indian banks that were forced offline by a ransomware attack have resumed operations, according to the National Payments Corporation of India (NPCI). The attack had targeted C-Edge Technologies, a service provider for these banks, affecting about one-fifth of 1,500 cooperative and rural regional banks in India.
To contain the attack, the NPCI had temporarily isolated the affected banks from the country’s retail payments system. A forensic audit confirmed that the attack did not spread to the banks’ systems but was limited to C-Edge’s infrastructure.
The impacted banks can now resume transactions through the United Payments Interface and other NPCI-operated payment systems. The ransomware attack, attributed to a group called RansomEXX, also affected Brontoo Technology Solutions, a key collaborator with C-Edge Technologies.