A month before Pakistan’s ceasefire violation on the eve of Independence Day, a silent battle was raging in Mumbai’s financial district. Two large private banks, a retail brokerage and a state-owned lender faced a cyberattack from hackers across the border that seriously slowed down all online customer transactions.
In the world of cybercrime, such attacks, which could be mistaken for a normal traffic overload on the Net, are known as ‘distributed denial of service’ or DDoS. Spread across the world, hackers, either sympathetic to lost causes or indulging in the game of extortion, virtually ‘take over’ thousands of computers in diverse destinations before unleashing a DDoS strike. As the computers that are hacked into start behaving as robots, or a ‘botnet’ in cyberparlance, the hackers divert traffic from these terminals to clog the systems of targets like banks and even e-commerce firms. A bank that is invaded may be unaware of the attack and even take a while to sense that customers are struggling to put through a simple net banking fund transfer or credit card payment.
The July attack
On that day in July, it was no different. The financial institutions received an advisory on the DDoS attack from the government’s Computer Emergency Response Team (CERT). Also, there were alerts that more attacks could follow over the next few hours, said a cybercrime expert.
Speaking to ET on condition of anonymity, one of the senior-most officials in the government’s cybersecurity establishment said, “There was an attack but this was effectively countered. Often these things are done with the intention to blackmail … But we have the systems to handle it. There have been finance ministry and RBI instructions to banks for taking necessary measures to protect against DDoS strikes.”