SBI ATMs not affected by ransomware: CIO

May 17, 2017

Amid reports of several ATMs remaining shut due to a possible virus attack by WannaCry ransomware, the largest public lender of the country State Bank of India (SBI) on Wednesday said that it has not been affected at all by the malware and all its ATMs were fully functional.

“We have not been impacted at all. None of our ATMs have been asked to shut down,” SBI chief information officer Mrutyunjay Mahapatra told IANS.

SBI has close to 59,000 ATMs out of over two lakh ATMs in the country.

Mahapatra said that 80%-90% of the old ATMs have already got the security patch, and the remaining are being updated, but none of the ATMs have been shut down as SBI has a secure closed loop network and robust firewalls.

“80%-90% of the old ATMs have already got the security patch. Wherever remaining, our engineers are updating. We are doing a review, and putting additional security patch if needed,” he said.

“Ours is a close-looped network, where all servers end to end are ours. We are dealing with public trust and public money, so we are very careful about it. Our security network is very high and we have very robust firewalls. We run anti-malware quite often,” Mahapatra told IANS.

The ransomware is said to affect the ATMs which were installed five-seven years back and are running on the Windows XP software. The newer ATMs which run on Windows 10 are said to be safe from the malware attack.

“Roughly our 50% ATMs are running on Windows XP. ATMs installed five-seven years back have Windows XP, but they are not greatly vulnerable. Malware files are large in size and cannot travel through firewall. However, for Windows XP, new security patch has been updated,” he said.

Mahapatra claimed that the ransomware attack was aimed at harming the economy but the banking sector has not been affected by it.

“Malware attack means they want to bring down the system. Their idea is to bring down the economy. This is more mischief than reality. As the CIO of SBI, to my knowledge no such thing has come to my notice. To my knowledge other banks are also not affected,” he said.

“There is no need to panic. Taking advantage of this situation, miscreants may send mails to reveal their old password, that should be avoided,” he added.

ATM manufacturer AGS Transact Technologies, which has an installed base of 60,000 ATMs in the country, said they were working with the partner banks to secure their network and updating of the security patch.

“We ensure regular updates of the security patches on the servers to protect all ATMs in our network from such attacks. Additionally, we are working closely with our partner banks to secure their network and eliminate chances of any vulnerability,” Mahesh Patel, president and group chief technology officer, AGS Transact Technologies, told IANS.

“The WannaCry attack is a wake-up call for all countries including India, which is at the cusp of digital revolution. It brings to the fore the collective need for Indian companies to be more vigilant and treat cyber-security as one of their highest priorities,” he said.