This post is also available in: heעברית (Hebrew)

Banks and financial institutions are the most favoured target for cyber criminals. Reports by various internet security firms show that the majority of the attacks happen on these clients and their end users.

A group of cyber experts in India has been working to make citizens’ banking transactions secure. The group, working for the Reserve Bank of India (RBI) – tech arm IDRBT, creates malware to attack the vulnerabilities in banks’ security networks. The attacks are done on dummy sites, not on the main sites, so as not to disrupt banking transactions. The feedback is shared with the banks in order to help them upgrade their security systems.

According to the, as many as 67 banks have joined the initiative started by the institute to get their cyber security preparedness tested.

Symantec, the internet security solutions company, has observed that India has consistently moved up the ranking for countries with the most number of financial Trojan infections over the last three years. “At least 40% of the BFSI (banking, financial services and insurance) businesses were attacked at least once,” Symantec’s financial threats report for 2016 said.

The cyber expert group consists of young researchers in cyber security and faculty at the Institute for Development and Research in Banking Technology (IDRBT).

The institute set up the group to help banks create a safety net to contain cyber attacks. “The original sites of the banks are not involved in the mock drill as it impacts their services. But the banks use all the security defence tools that they use for the main sites to defend themselves against the mock attacks,” the Director of IDRBT told BusinessLine.

The exclusive group set up for the purpose covers all the banks, taking up 10-15 banks at a time. The experts will check how effectively the banks’ defence systems have thwarted attacks. “We will share the feedback with banks,” he said.

Other measures include a forum set up by the Chief Information Security Officers of the banks in order to discuss cyber attacks and to share information, manage and plan for issues related to information security.