The Reserve Bank of India (RBI) has asked all banks to put in place a software update at automated teller machines (ATMs) to prevent their systems from a malware that has attacked payment systems across the world.
There are over 2.2 lakh ATMs in India, of which many old ones run on Windows XP.
ATMs, which run on old version of Microsoft’s Windows operating system, are highly vulnerable to such malware attacks. As per the RBI advisory, old ATMs will have to run a software update before they can be accessible to customers. “Some of the old ATMs were shut for software updates. Most ATMs were functioning normally,” said a banking source.
Further, the RBI has asked banks to follow the instructions of government firm Indian Computer Emergency Response Team (CERT-In) to prevent the attack by ransomware, ‘WannaCry’, which has impacted various IT networks in over 150 countries. CERT-In has come out with list of dos and don’ts and webcast on how to protect networks from the global ransomware attack. It has been reported that a new ransomware ‘WannaCry’ is spreading widely, RBI advisory to the banks said.
WannaCry encrypts the files on infected Windows system and spreads by exploiting vulnerabilities, it said.
Regarding the RBI directive to banks on software updates of ATMs, Pradeep Oommen, CEO, Bijlipay, said, “this directive will have two pronged impact. Firstly, a surge in digital transactions once again since the ATMs are likely to run dry and not work till the software upgrade are done. Secondly, an efficient alternative to this could be swiping your debit card at POS machines for cash withdrawal wherever the mini ATM feature is enabled. The RBI has allowed up to Rs 1,000 cash withdrawal through POS machines in Tier I cities and Rs 2,000 in tier II cities & above. Besides, the merchant who allows this facility is benefited with higher footfalls and earns an incentive for each transaction.”
The ransomware had hit systems over the weekend in more than 150 countries, including Russia and the UK, in one of the most widespread cyber attacks in history. It infected computers running on older versions of Microsoft operating systems like XP, locking access to files
on the computer. The cyber criminals have demanded an amount of about $300 in crypto-currencies like Bitcoin for unlocking the device.
BSE, NSE ask dealers to be cautious
Stock exchanges — the BSE and the NSE — have advised trading members to undertake “appropriate actions” tackle any threat from the ransomware WannaCry, which has hit computers and networks across the world. The exchanges told members that they will have to ensure that all workstations and servers have the latest Microsoft patch.
Besides, antivirus updates needs to be pushed to all end users and servers. Brokers will have to make the users aware about the threat and ensure that users do not download any suspicious attachments and/or browse suspicious /malicious links, the exchanges said. They have been asked to maintain a backup of critical data and store it offline and/or at a different location. The Securities and Exchange Board of India is keeping a close eye on network security measures for its own systems.