Small banks' digital payment services affected in cyberattack on tech firm
Ransomware attack on C-Edge Technologies on Wednesday prompts NPCI to security review
 "Small banks' digital payment services affected in cyberattack on tech firm")
The Unified Payments Interface (UPI) and Immediate Payment Service (IMPS) of 300 small and cooperative banks went down on Wednesday after a ransomware attack on C-Edge Technologies, a technology service provider.
The National Payments Corporation of India (NPCI) said banks affected were disconnected from the broader payment network to mitigate widespread impact.
Background of the incident
Also Read
C-Edge Technologies is a joint venture between Tata Consultancy Services (TCS) and State bank of India (SBI), according to the company's website. It was the target of a ransomware attack, which typically involves unauthorised access to a system where attackers encrypt data and demand ransom for decryption. NPCI isolated C-Edge, which serves cooperative and regional rural banks, from accessing retail payment systems to prevent further complications within the payment ecosystem. As a result, customers of the affected banks are unable to access payment services during this isolation period.
Response and restoration efforts
NPCI is working with C-Edge Technologies to restore services as quickly as possible. It said in a post on X (formerly Twitter) restoration efforts are underway on a "war footing" on Thursday. A thorough security review is in progress to ensure that the systems are secure before they are reconnected to the payment network. Customers are advised to remain patient and stay updated through communications from their respective banks and the NPCI as restoration efforts continue.
What is a ransomware attack?
A ransomware attack involves a malware that encrypts files and denies access to the genuine user, with hackers demanding a ransom in return.
Ransomware can be categorised into different types:
Crypto ransomware: Encrypts files and demands payment for the decryption key.
Locker ransomware: Locks the user's screen, preventing access to the device without paying a ransom.
Double extortion: This newer tactic not only encrypts files but also threatens to leak sensitive data if ransom is not paid.