Content |
History
2023: Hackers stole millions of dollars from an Indian bank. He did not have any information security protection
In early July 2023, it became known that the Reserve Bank of India imposed a fine on Mahesh Bank for the fact that this financial institution has extremely poor cyber protection. Due to the lack of information security tools, criminals were able to steal millions of dollars from the bank.
Mahesh Bank is reportedly failing to adequately protect its computer infrastructure. The bank does not even have a valid license for firewalls. Moreover, the organization does not use phishing detectors or intrusion detection/prevention.
This led to the fact that in January 2022, a Nigerian hacker hacked into Mahesh Bank's servers and withdrew approximately $1.37 million. During the attack, the attacker sent phishing emails to bank employees. When they were opened, malicious code was injected into the bank's IT system, which gave the fraudster full access to the Mahesh Bank network. After that, the cybercriminal was able to transfer money to unidentified accounts.
The investigation revealed the bank's carelessness regarding the adoption of cybersecurity measures, such as the use of anti-phishing tools, an intrusion prevention system, and real-time threat protection and management, as required by the Reserve Bank of India, The New Indian Express said. |
As a result, Mahesh Bank was fined 6.5 million rupees, or approximately $79 thousand at the exchange rate as of July 6, 2023. In addition, the Hyderabad Police Commissioner (Telangana State) sent a letter to the management of the Reserve Bank of India demanding to suspend the Mahesh Bank license for activities due to the lack of the necessary cyber protection means. The bank itself does not comment on the situation in any way.[1]