
Escalating tensions in the Kashmiri conflict between India and Pakistan illustrate a point the Indian government has been driving home for years: it is time to double down on securing India's critical financial services.
As the cornerstone of the nation's stability, the Banking, Financial Services, and Insurance (BFSI) sector was the focus of India's first Digital Threat Report 2024, which offers a "comprehensive view of the most critical risks facing the industry today."
The report leverages attack data from last year to pinpoint several areas of concern, including advanced social engineering, AI-driven threats, supply chain attacks, and a penchant for lagging behind in vulnerability scanning and patch management.
Cybersecurity Challenges Facing India's Financial Sector
Last year, the number of phishing attacks targeting India's financial sector surged by 175% according to Kaspersky, accounting for 135,000 incidents in H1 alone. Compounded with AI, phishing and Business Email Compromise (BEC) campaigns are operating on a more sophisticated level, pulling data from the dark web and hitting financial targets with astonishing accuracy. As noted in the Digital Threat Report, these attacks "bypass traditional defenses by leveraging stolen credentials and session cookies, effectively neutralizing multi-factor authentication."
Malicious Large Language Models (LLMs) like WormGPT have also left their mark on India's BFSI sector. These AI-driven weapons make mature, powerful exploits available to low-skill buyers, inflating the number of malware attacks and exploited vulnerabilities.
Compounding this issue is the fact that India ranked itself lowest in Patch and Vulnerability Management and Regular Testing and Vulnerability Scanning, the only compliance categories (from a list of 12) to receive a self-evaluated yellow or red mark in the latest government report. Yellow indicates "Needs Improvement"; red indicates "Major Concern."
This weakness in defending against vulnerabilities continues to manifest itself in more ways than one. Escalating supply chain attacks have "introduce[d] vulnerabilities at scale," with the report predicting more of the same plaguing India's financial market via the software supply chain. Indian BFSI organizations are warned to be wary of malicious code injected into trusted software libraries and spreading vulnerabilities upstream; think the MOVEit file transfer attack.
Recent Efforts to Bolster Financial Cybersecurity in India
In April of 2024, the Reserve Bank of India (RBI) and the Securities and Exchange Board of India (SEBI) rolled out transformative cybersecurity policy changes for India's BFSI sector.
These updated guidelines - the RBI's "Master Direction on Information Technology Governance, Risk, Controls and Assurance Practices, 2024" and SEBI's "Cybersecurity and Cyber Resilience Framework (CSCRF)" - focused India's financial services on a few key areas of improvement. They include, among others:
- Mandatory Zero Trust Architecture (ZTA): All BFSI access control mechanisms should require constant and continuous authentication. This goes for every user, every device, and every application, emphasizing an "identity-first" security approach.
- Data Sovereignty and Data Classification: India's financial services organizations are urged to classify all data based on sensitivity. This prioritizes the highest levels of security for the most valuable assets, or the ones that would have the largest impact on the organization if they were breached.
- Vulnerability Scans, Pen Testing and Red Teaming: Under the CSCRF, India's Market Infrastructure Institutions (MIIs) are required to perform vulnerability assessments, penetration tests, and red team engagements on a regular basis.
"Cybersecurity is no longer an optional safeguard but the foundation of financial stability in the digital age," noted Shri M. Nagaraju, Secretary, Department of Financial Services, Ministry of Finance. "As India's BFSI sector rapidly expands, securing digital transactions is not just a regulatory necessity but an economic imperative."
4 Bespoke Best Practices for Improving India's Financial Cybersecurity
The consequences of outdated security practices have already wreaked havoc on India's financial institutions.
Last year, a CFO in a Delhi-based firm handed over Rs 4.96 crore to a fake Managing Director who stated "urgent" government-related contracts were on the line. AI-driven misinformation plagues the ongoing India-Pakistan conflict, threatening the continuity of small financial organizations and prompting cyber expert Ritesh Bhatia to describe "a fifth class of war...AI cyber." Ransomware actors also continue to exploit vulnerabilities in India's BFSI supply chain, as noted in the report.
To prevent similar attacks from disrupting the economy in the coming year, Indian financial services entities can put the following best practices into action:
- Invest in Integrated Cloud Email Security (ICES) to prevent AI-driven inbox attacks. Traditional email security tools detect malware but fail to catch instances of social engineering. Advanced ICES solutions like Fortra Cloud Email Protection leverage machine learning and LLMs to detect subtle indicators of phishing and BEC attacks.
- Adopt a Vulnerability Management (VM) solution. With continuous vulnerability and risk management from Fortra Vulnerability Management, BFSI institutions can bolster their weakest area – VM and patch management – reducing the chance of exploited vulnerabilities, a common theme among this year's attack vectors.
- Perform Penetration Tests and Red Team Engagements. Nothing can prevent attackers from targeting lucrative financial organizations, but with Fortra Penetration Testing Services and Fortra Cobalt Strike, teams can be ready with real-world experience when they come.
- Implement strong Data Classification policies. Fortra Data Classification goes beyond simple "sensitivity labels," offering the financial sector detailed identifiers (department, customer, country) for fully compliant data categorization that not only passes audits but feeds downstream DLP and data governance tools.
Today's attacks on financial institutions will only improve as technology evolves, and India's BFSI sector will increasingly be targeted for geopolitical as well as financial reasons. Because the stability of a nation's society rests on the well-being of its economy, upgraded financial cybersecurity requirements – in India and elsewhere – are more than a matter of money; they are an issue of national security.